#10738: insecure temp file in testcc.sh, testcxx.sh
-----------------------+----------------------------------------------------
Reporter: vbraun | Owner:
Type: defect | Status: new
Priority: minor | Milestone:
Component: scripts | Keywords:
Author: | Upstream: N/A
Reviewer: | Merged:
Work_issues: |
-----------------------+----------------------------------------------------
Comment(by jdemeyer):
`mktemp`(1) doesn't allow for extensions like `.c`
{{{
TESTFILE=/tmp/hkldfz-test-for-c-compiler-6sokljkhsdhfdf.$$.c
rm -f $TESTFILE
cat >$TESTFILE <<"E*O*F"
}}}
would be harder (but not impossible) to exploit.
--
Ticket URL: <http://trac.sagemath.org/sage_trac/ticket/10738#comment:3>
Sage <http://www.sagemath.org>
Sage: Creating a Viable Open Source Alternative to Magma, Maple, Mathematica,
and MATLAB
--
You received this message because you are subscribed to the Google Groups
"sage-trac" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/sage-trac?hl=en.
