[Pkg-grass-general] Re: [GRASS5] [bug #2877] (grass) Insecure tempfile creation

To: Hamish <hamish_nospam@yahoo.com>
Cc: grass-bugs@intevation.de, 287651@bugs.debian.org, pkg-grass-general@lists.alioth.debian.org, grass5@grass.itc.it
Subject: [Pkg-grass-general] Re: [GRASS5] [bug #2877] (grass) Insecure tempfile creation
From: Glynn Clements <glynn@gclements.plus.com>
Date: Wed, 19 Jan 2005 18:59:30 +0000
Message-id: <[🔎] 16878.44562.769602.51486@gargle.gargle.HOWL>
In-reply-to: <[🔎] 20050118204306.4240a314.hamish_nospam@yahoo.com>
References: <[🔎] 20050118204306.4240a314.hamish_nospam@yahoo.com>

Hamish wrote:

> Just an update re. less-insecure tempfiles ..
> 
> In the upstream GRASS 5.7 CVS[*] pretty much everything in the scripts/
> directory now uses g.tempfile. C modules are next. I am not sure what to
> do with the init scripts & libs where the GRASS tempfile fn's may not be
> available..

Re-write g.tempfile so that it doesn't rely upon GRASS having been
initialised, i.e. just use tempnam() or similar rather than relying
upon G_getenv() etc.

The only code which really needs to use G_tempfile() is code which
creates files within the GRASS database (e.g. G_open_cell_new() etc),
as the files have to reside on the same filesystem as the rest of the
database.

Everything else can use $TMPDIR.

-- 
Glynn Clements <glynn@gclements.plus.com>

Reply to:

Follow-Ups:
- [Pkg-grass-general] Re: [GRASS bug #2877] Insecure tempfile creation
  - From: Hamish <hamish_nospam@yahoo.com>

References:
- [Pkg-grass-general] Re: [GRASS5] [bug #2877] (grass) Insecure tempfile creation
  - From: Hamish <hamish_nospam@yahoo.com>

Prev by Date: Re: [Pkg-grass-general] dupload trouble
Next by Date: [Pkg-grass-general] Uploaded grass 5.7.0+6.0.0beta1-0.dgis.unstable.2 (source i386 all) to debian-gis
Previous by thread: [Pkg-grass-general] mapserver alioth php support?
Next by thread: [Pkg-grass-general] Re: [GRASS bug #2877] Insecure tempfile creation
Index(es):
- Date
- Thread