"Martijn van Oosterhout" <[EMAIL PROTECTED]> writes: > On Thu, Aug 21, 2008 at 9:29 PM, "Marc Schütz" <[EMAIL PROTECTED]> wrote: >>> I wanted to call it Z_X_Y to make it easy for somebody trying to debug >>> things to find the data. >> >> You have to be careful if you use fixed or predictable names in /tmp to >> avoid symlink attacks. > > So don't use /tmp but some other directory that doesn't have > world-write permissions. Enfore that and you don't need to worry about > the names.
You can also set the working folder's permissions to 700 and nobody can put a symlink inside. Matthias _______________________________________________ Tilesathome mailing list [email protected] http://lists.openstreetmap.org/listinfo/tilesathome
