Re: [Pkg-grass-general] Re: [GRASS5] [bug #2877] (grass) Insecure tempfile creation
On Tue, 2005-01-18 at 20:43 +1300, Hamish wrote:
> [thanks for the 5.0.3 patch Marga]
>
>
> Just an update re. less-insecure tempfiles ..
>
> In the upstream GRASS 5.7 CVS[*] pretty much everything in the scripts/
> directory now uses g.tempfile. C modules are next. I am not sure what to
> do with the init scripts & libs where the GRASS tempfile fn's may not be
> available..
>
> These fixes are not in Steve Halasz's grass 6.0beta1 grass package[**],
> I'm not sure when 6beta2 will be but maybe Steve & co. are willing to
> backport these changes to 6beta1 and push for that to get into Sarge.
Hamish,
I appreciate the quick attention to this. Whenever it is all squared
away in CVS I'll make a package straight from CVS with the goal of
getting it into Sarge ASAP. Otherwise there will be no GRASS in Sarge at
all.
Steve
> a number of the instances on the offender list were actually commented
> out, etc.
>
> still to look at:
>
> lib/db/stubs/BUILD.PROTO
> lib/db/dbmi_driver/mk_dbstubs_h.sh
> lib/gis/unix_socks.c
> lib/gis/gislib.dox
> lib/gis/win32_pipes.c
> lib/init/init.sh
> lib/init/make_location_epsg_g57.sh
>
> raster/r.terraflow/description.html
> raster/r.terraflow/main.cc
>
>
>
> regards,
> Hamish
>
> _______________________________________________
> Pkg-grass-general mailing list
> Pkg-grass-general@lists.alioth.debian.org
> http://lists.alioth.debian.org/mailman/listinfo/pkg-grass-general
Reply to: