SECURITY fix for dtappintegrate: Use mktemp(1) to generate a template.
Using a fixed filename in /tmp is just begging for a symlink attack ...
This commit is contained in:
Pascal Stumpf
committed by
Jon Trulson
Jon Trulson
parent
6c42732461
commit
f9a70b5165
@@ -300,7 +300,7 @@ FRONTPANEL_FILES=*.fp
|
|||||||
APPMAN_FILES="(*)"
|
APPMAN_FILES="(*)"
|
||||||
|
|
||||||
ID=$(id)
|
ID=$(id)
|
||||||
LOGFILE=/tmp/dtappint.log
|
LOGFILE=$(mktemp /tmp/dtappint.logXXXXXXXXXXXXXXXX)
|
||||||
PATH=CDE_INSTALLATION_TOP/bin:/usr/bin
|
PATH=CDE_INSTALLATION_TOP/bin:/usr/bin
|
||||||
|
|
||||||
XCOMM -------------------------------------------------------------------
|
XCOMM -------------------------------------------------------------------
|
||||||
|
|||||||
Reference in New Issue
Block a user