Re: Bug#179125: maintainer scripts tries to exec script in /tmp
On Mon, 2003-02-03 at 12:07, Thomas Wouters wrote:
> On Mon, Feb 03, 2003 at 11:00:58AM +0000, Oliver Elphick wrote:
>
> > A temporary script needs to be somewhere, and /tmp is guaranteed to
> > exist and to be available for temporary files. I don't see how making
> > its contents non-executable contributes anything to security; no-one has
> > /tmp in their path, I hope!
>
> I assume you can still do 'interpreter ${TMPDIR}/${tmpfile}' to execute it ?
Not easily, because it is passed to start-stop-daemon. That was the
reason for writing a separate file in the first place.
--
Oliver Elphick <olly@lfix.co.uk>
LFIX Limited
Reply to: