|
| From: | Andreas Schwab |
| Subject: | Re: [Emacs-diffs] /srv/bzr/emacs/trunk r111747: * doc-view.el (doc-view-odf->pdf-converter-soffice): Use separate |
| Date: | Wed, 13 Feb 2013 00:43:05 +0100 |
| User-agent: | Gnus/5.13 (Gnus v5.13) Emacs/24.2.93 (gnu/linux) |
Stefan Monnier <address@hidden> writes: >> + ;; A workaround is to start soffice with a >> + ;; separate UserInstallation directory. >> + (concat "-env:UserInstallation=file://" >> + (expand-file-name (format >> "libreoffice-docview%d" (user-uid)) >> + temporary-file-directory)) > > I'm pretty sure there's some kind of race condition here that lets an > attacker on the same machine make you write files you didn't intend. It should be put in a directory like server.el and doc-view.el do. server-ensure-safe-dir and doc-view-make-safe-dir should probably be factored out into a generic function. Andreas. -- Andreas Schwab, address@hidden GPG Key fingerprint = 58CA 54C7 6D53 942B 1756 01D3 44D5 214B 8276 4ED5 "And now for something completely different."
| [Prev in Thread] | Current Thread | [Next in Thread] |