https://issues.dlang.org/show_bug.cgi?id=15584

--- Comment #10 from Cédric Picard <cpicard@openmailbox.org> ---
(In reply to Ketmar Dark from comment #9)
> which, of course, can be caused by many other reasons. like, for example, remounting (rebinding) output point (which can be caused by some external condition, of course). so should we check for mount binds? and if we should, what should be considered "safe"? absense of binds? but why?
> 
> that's why i think that such checks curing the symptoms, and of little importance.
>
> it's not the compiler task to check file pathes, it's a task of tar/git/etc — the program that was used to unpack the archive.

I don't think so, packing links is totally normal, following them without question but only sometimes isn't.

> and if the user managed
> to create such weird environment... well, it's time time fix the user, not
> the compiler. ;-)
> 
> btw, aren't creating executables done by "ld"? so it looks like "ld" bug, not dmd.

Fair point.

> > > anyway: let it be of "normal" severity then?
> > I leave that point to your discretion. I'm a security guy, every vulnerability allowing remote access is critical for me, but it's the developper's job to decide whether it fits their security model or not.
> i'm not a dmd developer too. ;-) yet while it's surely a security flaw, for me dmd is the wrong place where one should try to solve it.

--

https://issues.dlang.org/show_bug.cgi?id=15584

RazvanN <razvan.nitu1305@gmail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
                 CC|                            |razvan.nitu1305@gmail.com
         Resolution|---                         |WONTFIX

--- Comment #11 from RazvanN <razvan.nitu1305@gmail.com> ---
I agree with Ketmar here. It is not the job of the compiler to check whether an input file is a symlink or not.

--