 |
CanFestival-3-source-2015.08.03-alt1.noarch |
unsafe-tmp-usage-in-scripts |
fail |
The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/src/CanFestival-3/configure: $ grep -A5 -B5 /tmp/ /usr/src/CanFestival-3/configure ########################################################################### if [ "$SUB_WX" = "" ]; then if which wx-config >/dev/null 2>&1; then echo -n "Testing wxWidgets compiles ... " cat > /tmp/wx_test.cpp </dev/null 2>&1 ; then SUB_WX=1 echo "Yes" else SUB_WX=0 echo "No" fi rm -f /tmp/wx_test* else SUB_WX=0 echo "No wxWidgets available" fi fi |