|
scanbuttond-0.2.3-alt4.x86_64 |
unsafe-tmp-usage-in-scripts |
fail |
The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /etc/scanbuttond/buttonpressed.sh: $ grep -A5 -B5 /tmp/ /etc/scanbuttond/buttonpressed.sh # $1 ... the button number # $2 ... the scanner's SANE device name, which comes in handy if there are two or # more scanners. In this case we can pass the device name to SANE programs # like scanimage. TMPFILE="/tmp/scan.tiff" LOCKFILE="/tmp/copy.lock" case $1 in 1) echo "button 1 has been pressed on $2" -- # echo "Error: Another scanning operation is currently in progress" # exit # fi # touch $LOCKFILE # rm -f $TMPFILE scanimage --device-name $2 -x 215 -y 297 1> /tmp/image.pnm A= gimp /tmp/image.pnm # tiff2ps -z -w 8.27 -h 11.69 $TMPFILE | lpr # rm -f $LOCKFILE # ;; 2) echo "button 2 has been pressed on $2" scanimage --device-name $2 -x 215 -y 297 1> /tmp/image.pnm lpr /tmp/image.pnm ;; 3) echo "button 3 has been pressed on $2" scanimage --device-name $2 -x 215 -y 297 1> /tmp/image.pnm A= evolution mailto:?attach=/tmp/image.pnm ;; 4) echo "button 4 has been pressed on $2" ;; esac |