-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 07/10/2013 02:04 PM, Daniel Kahn Gillmor wrote:
On 07/10/2013 04:02 PM, Daniel Kahn Gillmor wrote:
hi oss-sec folks--
i recently learned that npm, the node.js language-specific
package manager, created predictable temporary directory names in
On 07/10/2013 04:02 PM, Daniel Kahn Gillmor wrote:
hi oss-sec folks--
i recently learned that npm, the node.js language-specific package
manager, created predictable temporary directory names in a
world-writable filesystem (/tmp) by default when unpacking archives.
It looks like this