Bug#21224: mysql_upgrade uses possibly insecure temporary files
We open for writing a known location, which is exploitable with a symlink attack. Now, use the EXCLusive flag, so that the presence of anything at that location causes a failure. Try once to open safely, and if failure then remove that location and try again to open safely. If both fail, then raise an error.
Showing
Please register or sign in to comment