Re: Bug#179125: maintainer scripts tries to exec script in /tmp

To: Thomas Wouters <thomas@xs4all.net>
Cc: Jamie Wilkinson <jamie@anchor.net.au>, 179125@bugs.debian.org, debian-devel@lists.debian.org
Subject: Re: Bug#179125: maintainer scripts tries to exec script in /tmp
From: Oliver Elphick <olly@lfix.co.uk>
Date: 03 Feb 2003 13:15:43 +0000
Message-id: <[🔎] 1044278143.12639.59.camel@linda.lfix.co.uk>
In-reply-to: <[🔎] 20030203120748.GI17342@xs4all.nl>
References: <1043972564.3e39c1d45aa99@anchor.net.au> <[🔎] 1044270057.1386.10.camel@linda.lfix.co.uk> <[🔎] 20030203120748.GI17342@xs4all.nl>

On Mon, 2003-02-03 at 12:07, Thomas Wouters wrote:
> On Mon, Feb 03, 2003 at 11:00:58AM +0000, Oliver Elphick wrote:
> 
> > A temporary script needs to be somewhere, and /tmp is guaranteed to
> > exist and to be available for temporary files.  I don't see how making
> > its contents non-executable contributes anything to security; no-one has
> > /tmp in their path, I hope!
> 
> I assume you can still do 'interpreter ${TMPDIR}/${tmpfile}' to execute it ?

Not easily, because it is passed to start-stop-daemon.  That was the
reason for writing a separate file in the first place.

-- 
Oliver Elphick <olly@lfix.co.uk>
LFIX Limited

Reply to:

Follow-Ups:
- Re: Bug#179125: maintainer scripts tries to exec script in /tmp
  - From: Junichi Uekawa <dancer@netfort.gr.jp>
- Re: Bug#179125: maintainer scripts tries to exec script in /tmp
  - From: Jamie Wilkinson <jamie@anchor.net.au>

References:
- Re: Bug#179125: maintainer scripts tries to exec script in /tmp
  - From: Oliver Elphick <olly@lfix.co.uk>
- Re: Bug#179125: maintainer scripts tries to exec script in /tmp
  - From: Thomas Wouters <thomas@xs4all.net>

Prev by Date: Re: what is libqt3-mt?
Next by Date: Re: Bug#179125: maintainer scripts tries to exec script in /tmp
Previous by thread: Re: Bug#179125: maintainer scripts tries to exec script in /tmp
Next by thread: Re: Bug#179125: maintainer scripts tries to exec script in /tmp
Index(es):
- Date
- Thread