Package: wine
Version: 0.0.20050725-1
Priority: wishlist
Tags: security

The winelauncher script provided by wine uses /tmp files unsafely since
it hardcodes the location of MSGFILE. This usage could be used by
malicious users to conduct symlink attacks. Since the MSGFILE is 
only created under exceptional conditions I'm setting this bug severity
to 'wishlist'.

The attached (untested) patch fixes this issue by using mktemp. Please
consider using it to fix the script.

Regards

Javier
--- winelauncher.in.orig        2005-08-05 19:55:19.000000000 +0200
+++ winelauncher.in     2005-08-05 19:56:40.000000000 +0200
@@ -87,7 +87,8 @@
 if [ $? -ne 0 ] ; then
     # xmessage not found; make sure the user notices this error
     # (GUI users wouldn't even notice if we printed the text on console !)
-    MSGFILE=/tmp/WINE_CANNOT_FIND_XMESSAGE
+    MSGFILE=`mktemp -t tempfile.XXXXXX` || { echo "$0: Cannot create temporary 
file" >&2; exit 1;  }
+    trap " [ -f \"$MSGFILE\" ] && /bin/rm -f -- \"$MSGFILE\"" 0 1 2 3 13 15
     cat > $MSGFILE << EOF
 Warning:
     The Wine launcher is unable to find the xmessage program,
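
Review bot: the `trap` on the added line removes the file on signals 1 2 3 13 15 but never exits, so after an interrupt the script carries on and the `cat > $MSGFILE` in the context line below recreates the file with a plain redirect at a path that is no longer protected by mktemp's exclusive create. Use one cleanup handler for 0 and have the signal traps call `exit`, so the script stops and the exit trap does the removal. The trap string is also double-quoted, so `$MSGFILE` is expanded when the trap is set and the escaped quotes break if the path contains a quote character; a single-quoted handler such as `trap 'rm -f -- "$MSGFILE"' 0` avoids that. `mktemp -t` takes its directory from TMPDIR, so the unquoted `cat > $MSGFILE` should become `cat > "$MSGFILE"`. The template `tempfile.XXXXXX` drops the descriptive name the old path had; something like `WINE_CANNOT_FIND_XMESSAGE.XXXXXX` keeps the file recognisable to the user it is meant for. Finally, the first added line is wrapped across two lines in this mail, so the hunk will not apply as posted and should be resent as an unwrapped attachment.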
