We received a security vulnerability report that went roughly like this:
There is a security vulnerability in the X component.
It loads from the current directory,
thereby making it vulnerable to a current directory attack.
Here is a sample program that illustrates the problem.
Copy a rogue into the current directory
and run the ...