lintian warnings (help)
Hi... I'm just trying to build my latest version
of my TCPQuota, but lintian complains...
----- s n i p p -----
[papadoc]$ lintian -i tcpquota_1.6.13-3_all.deb
W: tcpquota: possibly-insecure-handling-of-tmp-files-in-maintainer-script postinst:66
N:
N: The maintainer script seems to access a file in /tmp or some other
N: temporary directory. Since creating temporary files in a
N: world-writable directory is very dangerous, this is likely to be a
N: security bug. It's suggested that you use the tempfile or mktemp
N: utilities to create temporary files in these directories.
N:
N: If this is just a misinterpretation of some code in your maintainer
N: script, please contact schwarz@monet.m.isar.de about this so that this
N: error gets included in the overrides file for Lintian. (With that,
N: Lintian will ignore this bug in the future.)
N:
N: Have a look at Policy Manual, section 3.3.4 for details.
N:
----- s n i p p -----
This is the line in the postinst:
----- s n i p p -----
TMP_FILE=`mktemp -q /tmp/$0.XXXXXX`
if [ $? -ne 0 ]; then
echo "$0: Can't create temp file, exiting..."
exit 1
fi
----- s n i p p -----
What have I missed? (This is _EXACLY_ as it says in the 'mktemp' manual
page!!!)
--
-------------------------------------------------------------------------------
Turbo ___________ Debian GNU/Linux Unix _IS_ user friendly - it's just
^^^^^ ___ /___(_)__________ _____ __ selective about who its friends are
__ / __ /__ __ \ / / /_ |/_/
_ /// _ /___ / _ / / / /_/ /__> < Turbo Fredriksson Tel: +46-704-697645
\\\/ /_____/_/ /_/ /_/\__,_/ /_/|_| S-415 10 Göteborg turbo@tripnet.se
PGP#788CD1A9 SWEDEN www5.tripnet.se/~turbo
----------- PGP: B7 92 93 0E 06 94 D6 22 98 1F 0B 5B FE 33 A1 0B ------------
--
Serbian Peking quiche KGB SEAL Team 6 counter-intelligence FSF colonel
munitions Rule Psix smuggle Saddam Hussein security Khaddafi [Hello to
all my fans in domestic surveillance]
--
To UNSUBSCRIBE, email to debian-mentors-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: