xfce4-genmon-plugin-4.2.0-alt1.x86_64 unsafe-tmp-usage-in-scripts fail The test discovered scripts with errors that a user could exploit to damage important system files. For example, if a script works with a temporary file created in the /tmp directory, then any user can create symlinks with the same name (pattern) in that directory in order to destroy or overwrite system files or another user's files. Scripts _must_ _use_ mktemp/tempfile, or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is accessible only by that user, and then sets TMPDIR and related variables to point to it. Hence it matters much less if you create a non-random filename, because nobody but you can access it. Found error in /usr/share/doc/xfce4-genmon-plugin-4.2.0/scripts/twit: $ grep /tmp/ /usr/share/doc/xfce4-genmon-plugin-4.2.0/scripts/twit # Default Font = (your choice) # ############################################## ### configurable parameters # debug mode (logged to /tmp/twit-log if set to 1) DEBUG=0 # location of t TWIT_CMD="/home/toz/.gem/ruby/2.4.0/bin/t" # # open twitter in browser window #CLICK_ACTION="xdg-open https://www.twitter.com" # display list of recent tweets in yad dialog CLICK_ACTION="yad --window-icon=$NOTIFICATION_ICON --title Recent\ Twitter\ Timeline --center --width=1200 --height=500 --text-info --show-uri --filename=/tmp/.twit-all-output" # compose a new tweet (untested) #TWEET=$(yad --title "Compose a new message..." 
--height=200 --width=300 --text-info --editable --wrap) #CLICK_ACTION="t update '$TWEET'" -- ############################################## # don't change anything below ############################################## # check to see if .lastid is valid and if not reset [[ $(cat /tmp/.lastid) =~ ^[0-9]+$ ]] || rm /tmp/.lastid # get last processed ID and timeline if [ -s /tmp/.lastid ] then LASTID=$(cat /tmp/.lastid) $TWIT_CMD timeline -lr -s $LASTID > /tmp/.twit else $TWIT_CMD timeline -lr > /tmp/.twit fi [ $DEBUG -eq 1 ] && echo "01 .lastid=$(cat /tmp/.lastid)" > /tmp/twit-log [ $DEBUG -eq 1 ] && echo "02 LASTID=$LASTID" >> /tmp/twit-log sleep 1 # save the last processed ID cat /tmp/.twit | tail -1 | awk '{print $1}' > /tmp/.lastid if [ ! -s /tmp/.lastid ] then echo $LASTID > /tmp/.lastid fi [ $DEBUG -eq 1 ] && echo "03 new.lastid=$(cat /tmp/.lastid)" >> /tmp/twit-log # get number of new tweets num_tweets=$(cat /tmp/.twit | wc -l) [ $DEBUG -eq 1 ] && echo "04 num_tweets=$num_tweets" >> /tmp/twit-log # get the contents of the new tweets mapfile -t ids < <(awk '{print $1}' /tmp/.twit) mapfile -t from < <(awk '{print $5}' /tmp/.twit) mapfile -t text < <(awk '{for(i=6;i<=NF;i++){printf "%s ", $i}; printf "\n"}' /tmp/.twit) toolstr=$(for (( i=0; i<$num_tweets; i++ )); do echo "${from[i]} >> ${text[i]}"; echo ""; done) [ $DEBUG -eq 1 ] && echo "05 toolstr=$toolstr" >> /tmp/twit-log ##### set default plugin icon file and notify of new tweets #set default icon file to no new emails ICON_FILE="$NOTWEETS" [ $DEBUG -eq 1 ] && echo "06 ICON_FILE=$ICON_FILE" >> /tmp/twit-log if [ $num_tweets -gt 0 ]; then [ $DEBUG -eq 1 ] && echo "07 num_tweets > 0" >> /tmp/twit-log # set icon file to new emails image ICON_FILE="$NEWTWEETS" [ $DEBUG -eq 1 ] && echo "08 ICON_FILE=$ICON_FILE" >> /tmp/twit-log for (( i=0; i<$num_tweets; i++ )) do [ $DEBUG -eq 1 ] && echo "09 sending notification" >> /tmp/twit-log notify-send -i "$NOTIFICATION_ICON" "$(echo ${from[i]} | sed -r 's/[&]+/&/g')" "$(echo 
${text[i]} | sed -r 's/[&]+/&/g')" done fi # append current to the all file if [ -s /tmp/.twit-all ] then cat /tmp/.twit /tmp/.twit-all > /tmp/.twit-tmp && mv /tmp/.twit-tmp /tmp/.twit-all else cat /tmp/.twit > /tmp/.twit-tmp && mv /tmp/.twit-tmp /tmp/.twit-all fi # format the output cat /tmp/.twit-all | awk '{ printf("%s %- 16s", $4, $5); out=$6; for(i=7;i<=NF;i++){out=out" "$i}; print out}' > /tmp/.twit-all-output # get last checked time stamp last_checked=$(date) # prepare tooltip string (to show last NUM_TOOLTIP_TWEETS) if [ -s /tmp/.twit-all ] then mapfile -t from2 < <(awk '{print $5}' /tmp/.twit-all) mapfile -t text2 < <(awk '{for(i=6;i<=NF;i++){printf "%s ", $i}; printf "\n"}' /tmp/.twit-all) toolstr2=$(for (( i=$num_tweets; i<$NUM_TOOLTIP_TWEETS; i++ )); do if [ "${from2[i]}" != "" ]; then echo "${from2[i]} >> ${text2[i]}"; echo ""; fi; done) fi [ $DEBUG -eq 1 ] && echo "10 toolstr2=$toolstr2" >> /tmp/twit-log ##### do the genmon if [ $TOOLTIP_NEW_TWEETS_ONLY -eq 0 ] then if [ $num_tweets -gt 0 ] then [ $DEBUG -eq 1 ] && echo "11 genmon:num_tweets > 0" >> /tmp/twit-log echo "$ICON_FILE $CLICK_ACTION New tweets: -- $toolstr2 Last checked: $last_checked" else [ $DEBUG -eq 1 ] && echo "12 genmon:num_tweets = 0" >> /tmp/twit-log echo "$ICON_FILE $CLICK_ACTION Recent tweets: -- else if [ $num_tweets -gt 0 ] then [ $DEBUG -eq 1 ] && echo "11 genmon:num_tweets > 0" >> /tmp/twit-log echo "$ICON_FILE $CLICK_ACTION New tweets: $toolstr Last checked: $last_checked" else [ $DEBUG -eq 1 ] && echo "12 genmon:num_tweets = 0" >> /tmp/twit-log echo "$ICON_FILE $CLICK_ACTION No new tweets. 
-- fi fi [ $DEBUG -eq 1 ] && echo "13 $(date)" >> /tmp/twit-log # purge old tweets from list KEEPEPOCHLIMIT=$(( $(date +%s) - $KEEP_TIME )) while IFS= read -r line do if [[ $(date --date="$(echo "$line" | awk '{print $2" "$3" "$4}')" +%s) -gt $KEEPEPOCHLIMIT ]] then echo "$line" >> /tmp/.twit-all.new fi done < "/tmp/.twit-all" mv /tmp/.twit-all.new /tmp/.twit-all unset ids from text from2 text2 exit 0 Found error in /usr/share/doc/xfce4-genmon-plugin-4.2.0/scripts/gmail: $ grep -A5 -B5 /tmp/ /usr/share/doc/xfce4-genmon-plugin-4.2.0/scripts/gmail ############################################## # don't change anything below ############################################## # get and save the atom feed curl -u "$USERNAME":"$PASSWORD" --silent "https://mail.google.com/mail/feed/atom" > /tmp/.gmail # get number of unread messages num_messages=$(grep -oP "(?<=)[^<]+" /tmp/.gmail) # get last checked time last_checked=$(grep -oP "(?<=)[^<]+" /tmp/.gmail | TZ=$TIMEZONE date +'%r') # get ids, senders and subjects mapfile -t ids < <(grep -oP "(?<=)[^<]+" /tmp/.gmail | awk -F":" '{print $3}') mapfile -t names < <(grep -oP "(?<=)[^<]+" /tmp/.gmail) mapfile -t subjects < <(grep -oP "(?<=)[^<]+" /tmp/.gmail | grep -v Gmail) # prepare tooltip string out=$(for (( i=0; i<$num_messages; i++ )); do echo "${names[i]} - ${subjects[i]}#"; done) toolstr="$(echo $out | sed -e 's/\# /\n/g' | sed -e 's/\#//g')" # check to see if there are new, new messages (only notify if something new has arrived) new_msgs=0 if [ $num_messages -gt 0 ]; then if [ -a /tmp/.gmail.lastid ]; then if [ "${ids[0]}" != "$(cat /tmp/.gmail.lastid)" ]; then echo ${ids[0]} > /tmp/.gmail.lastid let new_msgs=1 fi else echo ${ids[0]} > /tmp/.gmail.lastid let new_msgs=1 fi fi;