This issue applies to desktop only, where StateSaver serializes data in files under /tmp. On devices, confined applications have their own TMPDIR, which makes it a non-issue, as far as I understand it.
StateSaver uses QSettings under the hood to persist data on disk, which issues a plain QFile::open(QFile::ReadWrite) call to open the file, which does not set the O_EXCL flag.
This issue applies to desktop only, where StateSaver serializes data in files under /tmp. On devices, confined applications have their own TMPDIR, which makes it a non-issue, as far as I understand it.
StateSaver uses QSettings under the hood to persist data on disk, which issues a plain QFile:: open(QFile: :ReadWrite) call to open the file, which does not set the O_EXCL flag.
This makes it vulnerable to symlink attacks.