
Bug#286370: (fwd) Bug#286370: xdvizilla: Vulnerable to symlink attack in temporary directory
Stefan Ulrich <stefanulrich@users.sourceforge.net> schrieb:

> Hilmar Preusse <hille42@web.de> writes:
>
>> Just FYI. I've checked xdvizilla of teTeX beta too, but I'm not sure,
>> if it has the same bug. At a first glance this is the case.
>
> No, this has been fixed some time ago; see:
> http://sourceforge.net/tracker/?group_id=23164&atid=377580&func=detail&aid=812600

Well, yes and no. The way Thomas Esser does it is probably the best
solution for teTeX, where portability is of high importance. For Linux
distributions, there exist better ways. In Debian, we usually use
mktemp(1) which is said to be safer than tempfile(1), but I don't know
which of these exist in other distributions. Well, a short google search
gives many hits on "mktemp(1)" with suse and redhat, but only suspicious
hits with tempfile(1).

On Debian, we will patch xdvizilla to use mktemp always, because we know
that it will be there; you could also _try_ to use it, similar to

tmpfile=`mktemp 2>/dev/null` || true
test -n "$tmpfile" || ...old code


Regards, Frank

P.S. Do you know for which derivatives of mozilla xdvizilla is
necessary and/or useful?
-- 
Frank Küster
Inst. f. Biochemie der Univ. Zürich
Debian Developer
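As an added illustration of the temporary-file handling discussed in this thread (example code, not Frank's patch and not the teTeX fix), the following POSIX sh functions prefer mktemp(1) as suggested and, where mktemp is absent, fall back to the shell's noclobber mode so that a pre-placed symlink is never followed; the function names, the xdvizilla.* name pattern and the fallback technique are assumptions.

```shell
#!/bin/sh
# Added example (not from the original message): private temporary file
# creation for a script like xdvizilla.

# Directory to use; honour TMPDIR the way mktemp does.
tmpdir_base() {
    printf '%s\n' "${TMPDIR:-/tmp}"
}

# Portable fallback (assumed technique, not the teTeX one): with 'set -C' the
# shell opens the file with O_CREAT|O_EXCL, so if an attacker has already put
# a symlink at the candidate path the open fails instead of following it.
# Names are predictable, so a flood of pre-created files can only cause a
# failure, never a write through a symlink.
safe_tmpfile_fallback() {
    dir=$(tmpdir_base)
    i=0
    while [ "$i" -lt 100 ]; do
        candidate="$dir/xdvizilla.$$.$i"
        if ( set -C; umask 077; : > "$candidate" ) 2>/dev/null; then
            printf '%s\n' "$candidate"
            return 0
        fi
        i=$((i + 1))
    done
    return 1
}

# Preferred path: mktemp(1). Unlike 'mktemp || true', an empty result here
# means "fall back", not "carry on with an empty file name".
safe_tmpfile() {
    f=$(mktemp "$(tmpdir_base)/xdvizilla.XXXXXX" 2>/dev/null) || f=""
    if [ -n "$f" ]; then
        printf '%s\n' "$f"
        return 0
    fi
    safe_tmpfile_fallback
}

# Sanity check before use: a regular file, and not a symlink.
is_private_regular_file() {
    [ -f "$1" ] && [ ! -L "$1" ]
}
```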