|
|
|
|
|
|
by ryanjshaw
1183 days ago
|
|
|
Not sure how you came to this conclusion in this particular case. File APIs have been around for decades, and are well understood. Changing the behaviour of a file mode from truncate to not-truncate is a questionable decision because these are very explicit options a developer would carefully select, and therefore would not expect to see a change in behaviour to something already covered by a different option. I work in finance and I can confidently say it would be at the top of my mind that this kind of change would result in leaking data or corrupting data because I regularly explicitly choose truncation to avoid exactly that when I generate new reports. It's also ironic that you complain about hyperbole then accuse people of "pretending to be smart". You don't need to be smart to see this as a security issue, you just need some real world development experience. |
|
|
Looking at the commit which changed this behavior: https://cs.android.com/android/_/android/platform/frameworks...
it seems like it was a refactoring gone wrong, and not a conscious decision to change the behaviour.