Policy Weekly Issue #4/6: Secure maintainer scripts
- To: Debian Policy <debian-policy@lists.debian.org>
- Subject: Policy Weekly Issue #4/6: Secure maintainer scripts
- From: Christian Schwarz <schwarz@monet.m.isar.de>
- Date: Thu, 23 Oct 1997 22:57:28 +0200 (CEST)
- Message-id: <Pine.LNX.3.96.971023225706.17246N-100000@monet>
Topic 6: Secure maintainer scripts
STATE: APPROVAL
The following policy change has been proposed. It will become official
unless someone objects now:
Any scripts which create files in world-writable directories (i.e.
in /tmp) have to use a mechanism which will fail if a file with
the same name already exists.
The Debian base distribution provides the `tempfile' utility for
use by scripts for this purpose.
----------------------------------------------------------------------------
-- _,, Christian Schwarz
/ o \__ schwarz@monet.m.isar.de, schwarz@schwarz-online.com,
! ___; schwarz@debian.org, schwarz@mathematik.tu-muenchen.de
\ /
\\\______/ ! PGP-fp: 8F 61 EB 6D CF 23 CA D7 34 05 14 5C C8 DC 22 BA
\ / http://fatman.mathematik.tu-muenchen.de/~schwarz/
-.-.,---,-,-..---,-,-.,----.-.-
"DIE ENTE BLEIBT DRAUSSEN!"
Reply to: