Bug#775139: mktexlsr: insecure use of /tmp
Package: texlive-binaries
Version: 2014.20140926.35254-4
Tags: security
This is how mktexlsr uses temporary files (with boring parts snipped):
  treefile="${TMPDIR-/tmp}/mktexlsrtrees$$.tmp"
  # ...
  while test $# -gt 0; do
    # ...
    (umask 077
     if echo "$1" >>"$treefile"; then :; else
       echo "$progname: $treefile: could not append to arg file, goodbye." >&2
       exit 1
     fi
    )
    # ...
  done
This is insecure because the filename is predictable and, more
importantly, the program doesn't fail atomically if the file already
exists.
Please use mktemp(1) for creating temporary files.
--
Jakub Wilk
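
The difference between the reported pattern and the requested mktemp(1) fix, as an added example that is not mktexlsr's code or the eventual patch. The function names, the scratch directory and the `mktexlsrtrees.XXXXXX` template are assumptions made for illustration; the "planted" file is constructed inside a private directory.

```shell
#!/bin/sh
# Added illustration: function names and the XXXXXX template are assumptions.

# Pattern from the report, with the directory made a parameter so it can be
# exercised in a private scratch directory. ">>" silently reuses whatever
# already exists at the predictable path. Prints the path it wrote to.
old_treefile() {            # $1 = directory, $2 = argument to record
    f="$1/mktexlsrtrees$$.tmp"
    (umask 077; echo "$2" >>"$f") || return 1
    printf '%s\n' "$f"
}

# Requested fix: mktemp(1) chooses an unpredictable name and creates the
# file exclusively (O_EXCL) with mode 0600, so an existing file is never
# reused and creation either succeeds on a fresh file or fails.
new_treefile() {            # $1 = directory, $2 = argument to record
    f=$(mktemp "$1/mktexlsrtrees.XXXXXX") || return 1
    printf '%s\n' "$2" >>"$f" || return 1
    printf '%s\n' "$f"
}

# Constructed scenario: the predictable name already exists before the
# script runs. Prints "<lines in old file> <lines in new file>".
demo() {
    dir=$(mktemp -d "${TMPDIR-/tmp}/treedemo.XXXXXX") || return 1
    echo "pre-existing content" >"$dir/mktexlsrtrees$$.tmp"
    old=$(old_treefile "$dir" /usr/share/texmf) || return 1
    new=$(new_treefile "$dir" /usr/share/texmf) || return 1
    old_lines=$(wc -l <"$old" | tr -d ' ')
    new_lines=$(wc -l <"$new" | tr -d ' ')
    rm -rf "$dir"
    echo "$old_lines $new_lines"
}

demo   # prints: 2 1
```

The old pattern ends up with two lines because it appended to the file that was already there; the mktemp(1) variant holds only the line the script wrote.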