spaetz <[EMAIL PROTECTED]> writes: > On Fri, Aug 22, 2008 at 11:48:11AM +0200, "Marc Sch?tz" wrote: >> Yes, but as the default working directory in tilesAtHome.conf.linux >> is "/tmp/", the client is unsafe by default. This should be fixed. > > Everyone agrees that the directory structure requires an overhaul, and > although malicious attackers that insert bad stuff in the tmp > directories is the least of my worries for the [EMAIL PROTECTED] client, a > random > component will be part of the design. > > Currently we also have a fixed directoy WorkingDir/uploads for > uploads. Is this of some concern to you?
There are also a couple of files that are created in the working directory. These are problematic, too. Matthias _______________________________________________ Tilesathome mailing list [email protected] http://lists.openstreetmap.org/listinfo/tilesathome
