Re: many scripts fail if /tmp/tempfile.$$ exists -> local DOS vulnerability
Jakob Lell wrote:
> many shell scripts use tempfiles like /tmp/tempfile.$$. This creates
> insecure tempfile vulnerabilities. One commonly used fix for this problem
> is to use set -e or/and set -C in the shell script. [...]
Debian already has a general fix for that. It's called tempfile and
it's in package debianutils, which is essential.
> [...]
> Is it a good idea to report bugs against all packages containing this
> local DOS vulnerability?
Yes, but please follow our common guidelines for reporting bugs.
If you plan to submit many of them, ask here before you start.
Reply to: