Skip to content

disallow absolute and non-normalized paths for mktemp #5686

New issue
New issue
Closed
Closed
disallow absolute and non-normalized paths for mktemp#5686
Labels
plugin: tmpdirrelated to the tmpdir builtin plugintype: feature-branchnew feature or API change, should be merged into features branch
@RonnyPfannschmidt

Description

@RonnyPfannschmidt
RonnyPfannschmidt
opened on Aug 2, 2019

followup to #4202

this is an potential issue and attack vector, absolute paths are no tmpdir and escaping paths aren't either,
just normalizing would also break the world

so we should only ever accept normalized relative paths for it

Metadata

Metadata

Assignees

No one assigned

    Labels

    plugin: tmpdirrelated to the tmpdir builtin plugintype: feature-branchnew feature or API change, should be merged into features branch

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions