[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#179125: maintainer scripts tries to exec script in /tmp

On Mon, 2003-02-03 at 12:07, Thomas Wouters wrote:
> On Mon, Feb 03, 2003 at 11:00:58AM +0000, Oliver Elphick wrote:
> > A temporary script needs to be somewhere, and /tmp is guaranteed to
> > exist and to be available for temporary files.  I don't see how making
> > its contents non-executable contributes anything to security; no-one has
> > /tmp in their path, I hope!
> I assume you can still do 'interpreter ${TMPDIR}/${tmpfile}' to execute it ?

Not easily, because it is passed to start-stop-daemon.  That was the
reason for writing a separate file in the first place.

Oliver Elphick <olly@lfix.co.uk>
LFIX Limited

Reply to: