simple-httpfs icon indicating copy to clipboard operation
simple-httpfs copied to clipboard
verified publisher icon higlass

Default use of /tmp/xx for the cache is probably unsafe

Open chewi opened this issue 10 months ago • 0 comments

Predictable temporary filenames are a security risk. See the OWASP guidance. I would suggest using Python's TemporaryDirectory by default instead. Users who need to persist the cache can do so in their own safely-created location.

chewi avatar Jan 28 '25 12:01 chewi