undefined | Better HN

0 pointssegmondy7y ago0 comments

I'll just make a file link to .bashrc and call it /tmp/foo.png, what are you going to do? Not open links? Check if the file links to .bashrc?

If an image manipulation software wants to open .bashrc, allow it. If it has permission to write to one, so be it. If .bashrc is such a security nightmare, then perhaps the issue is that programs can write to it. Remove the write permission. Perhaps a security model where restoring permission asks for password.

0 comments

int_19h7y ago

> Check if the file links to .bashrc?

That would seem to be the obvious right choice. What's the problem with it?

j / k navigate · click thread line to collapse

0 pointssegmondy7y ago0 comments

I'll just make a file link to .bashrc and call it /tmp/foo.png, what are you going to do? Not open links? Check if the file links to .bashrc?

0 comments

int_19h7y ago

> Check if the file links to .bashrc?

That would seem to be the obvious right choice. What's the problem with it?

j / k navigate · click thread line to collapse