
Re: [gmail] Re: sponsor quake3 quake3-data packages



On Thu, Nov 10, 2005 at 11:17:08AM -0500, Justin Pryzby wrote:
> On Thu, Nov 10, 2005 at 02:31:09PM +0100, Marc Leeman wrote:
> > > (most of these problems are probably inherited from the quake2
> > > packaging you used). You will have to fix most of these before
> > > someone should sponsor the package.

> > > W: quake3-data: possibly-insecure-handling-of-tmp-files-in-maintainer-script postinst:225

> > I use /tmp/ for the place to download the point and demo files. This
> > used to be /root/. Since I do not think temporary installs should be
> > dl'd there, I moved them to tmp. The extraction of the file is done in a
> > dir with tempfile. I could move this one level deeper and again use
> > tmpfile, but from a functional point of view, this does not change much,
> > especially since the warning only kicks in when the default from
> > templates is emptied out in the user interaction.
> Lintian is right, if for the wrong reason.

>   tempdir() {
>       _TEMPDIR=`tempfile --directory $1 --prefix quake3-data`
>       # kill off fresh tempfile
>       rm $_TEMPDIR
>       mkdir $_TEMPDIR
>       echo $_TEMPDIR
>   }

> That is a tag + security race condition between rm and mkdir.  You'll
> want to use mktemp -d instead.

It's darn broken, but it's not actually a security hole unless something
else makes bogus assumptions about the success of the tempfile function (or
unless it's not being run with set -e, like it's /supposed/ to...).

-- 
Steve Langasek                   Give me a lever long enough and a Free OS
Debian Developer                   to set it on, and I can move the world.
vorlon@debian.org                                   http://www.debian.org/
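
The following is an added example, not part of the original message or of the quake3-data package. It puts the `mktemp -d` replacement beside the rm-then-mkdir sequence quoted above and shows that `mkdir` refuses a name that reappeared in the gap, so the outcome depends on whether the script runs under `set -e`. The function names and the scratch directory are assumptions made for the demonstration.

```shell
#!/bin/sh
# Added example; function names are hypothetical, not from quake3-data.

# Hardened form suggested in the thread: mktemp -d picks the name and
# creates the directory (mode 0700) in a single atomic step.
safe_tempdir() {
    mktemp -d "${1:-/tmp}/quake3-data.XXXXXX"
}

# The thread's rm-then-mkdir sequence, run in a child shell with or
# without "set -e". Between rm and mkdir the name is re-created as a
# dangling symlink (constructed stand-in for another local user winning
# the race). Prints "aborted" if the child stopped at the failed mkdir,
# "continued" if it carried on and handed the name to its caller.
racy_tempdir_outcome() {
    errexit=$1 parent=$2
    if sh -c '
        [ "$1" = errexit ] && set -e
        name=$(mktemp "$2/quake3-data.XXXXXX")  # stand-in for tempfile(1)
        rm "$name"
        ln -s /nonexistent "$name"              # name taken before mkdir
        mkdir "$name" 2>/dev/null               # fails with EEXIST
        echo "$name"
    ' sh "$errexit" "$parent" >/dev/null; then
        echo continued
    else
        echo aborted
    fi
}

# Demo in a private scratch directory so nothing outside it is touched.
work=$(mktemp -d)
echo "mktemp -d created: $(safe_tempdir "$work")"
echo "with set -e:       $(racy_tempdir_outcome errexit "$work")"
echo "without set -e:    $(racy_tempdir_outcome noerrexit "$work")"
rm -rf "$work"
```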
