Re: [Cgi-session-user] FW: Security issue about CGI::Session

[Kenneth P. <sh...@se...>]

On Tuesday, March 21, 2006 5:00 PM -0600 Matt LeBlanc <mle...@cp...> 
wrote:

> Good point. I've submitted yet another patch that checks to make certain
> the file opened is not a symlink.

You might want to look at source to mkstemp(3) to see if there's any other 
conditions to worry about.