#10738: insecure temp file in testcc.sh, testcxx.sh
---------------------------+------------------------------------------------
Reporter: vbraun | Owner:
Type: defect | Status: needs_review
Priority: minor | Milestone: sage-5.4
Component: scripts | Resolution:
Keywords: | Work issues:
Report Upstream: N/A | Reviewers:
Authors: | Merged in:
Dependencies: | Stopgaps:
---------------------------+------------------------------------------------
Changes (by vbraun):
* status: new => needs_review
Old description:
> By preparing a suitable symlink, this lets a local attacker at least
> delete any user file:
> {{{
> cd "${TMPDIR:-/tmp}" || exit 2
> TESTFILE=sage-testcc-$$.c
>
> cat >$TESTFILE <<"E*O*F"
> }}}
> Is there any reason for not using mktemp?
>
> Low priority because that is only called during compile time...
New description:
By preparing a suitable symlink, this lets a local attacker at least
delete any user file:
{{{
cd "${TMPDIR:-/tmp}" || exit 2
TESTFILE=sage-testcc-$$.c
cat >$TESTFILE <<"E*O*F"
}}}
Is there any reason for not using mktemp?
Low priority because that is only called during compile time...
Apply [attachment:trac_10738_fix_insecure_temp_file.patch] to the root
repo.
--
Ticket URL: <http://trac.sagemath.org/sage_trac/ticket/10738#comment:12>
Sage <http://www.sagemath.org>
Sage: Creating a Viable Open Source Alternative to Magma, Maple, Mathematica,
and MATLAB
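The ticket's question about mktemp, worked through as an added example (this is not the attached patch and not code from the Sage scripts): the PID-based name from the description beside a `mktemp -d` replacement, both exercised against a pre-planted symlink inside a private sandbox directory. The function names, the sandbox layout and the suffix 4242 are constructed for illustration.

```shell
#!/bin/sh
# Added example: everything runs inside a private sandbox directory that
# stands in for a shared /tmp; all file names below are constructed.

# Pattern from the ticket: a name built from the PID, opened with ">".
# The shell follows a symlink at that name and truncates its target.
write_predictable() {    # $1 = directory, $2 = pid-like suffix
    ( cd "$1" || exit 2
      TESTFILE=sage-testcc-$2.c
      echo 'int main(void) { return 0; }' >"$TESTFILE" )
}

# Hardened: mktemp -d creates a mode-0700 directory with an unpredictable
# name and fails if it cannot, so nothing inside it can be pre-planted
# by another user.
write_private() {        # $1 = directory; prints the path of the test file
    workdir=$(mktemp -d "$1/sage-testcc.XXXXXX") || return 2
    echo 'int main(void) { return 0; }' >"$workdir/test.c" || return 2
    printf '%s\n' "$workdir/test.c"
}

# Returns 0 if the victim file kept its content after calling writer $1.
victim_survives() {      # $1 = write_predictable | write_private
    sandbox=$(mktemp -d) || return 2
    mkdir "$sandbox/tmp" "$sandbox/home"
    echo 'important data' >"$sandbox/home/victim"
    # Constructed pre-planted symlink at the name the script will use.
    ln -s "$sandbox/home/victim" "$sandbox/tmp/sage-testcc-4242.c"
    "$1" "$sandbox/tmp" 4242 >/dev/null
    content=$(cat "$sandbox/home/victim")
    rm -rf "$sandbox"
    [ "$content" = 'important data' ]
}

if [ "${1:-}" = demo ]; then
    victim_survives write_predictable && echo "predictable: victim intact" \
        || echo "predictable: victim overwritten"
    victim_survives write_private && echo "mktemp -d: victim intact" \
        || echo "mktemp -d: victim overwritten"
fi
```

Run with the argument `demo` to print both outcomes; a script that adopts the second form also needs a `trap` that removes the directory on exit.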