subject:"Bug#709282\: colortest\: insecure use of temporary files"

Bug#709282: colortest: insecure use of temporary files

2013-05-23 Thread Jakub Wilk


Control: found -1 20110624-2

Now I get this:

$ colortest-8
mktemp: failed to create file via template 
`/tmp/tmp./usr/bin/colortest-8.4725.XX': No such file or directory
/usr/bin/colortest-8: [FATAL] Cannnot create temporary file in 
/tmp/tmp./usr/bin/colortest-8.4725


Trying to create temporary files in a directory which might be owned by 
anybody is insecure.


Also, typo: Cannnot - Cannot

--
Jakub Wilk


--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#709282: colortest: insecure use of temporary files

2013-05-22 Thread Jakub Wilk


Package: colortest
Version: 20110624-1
Severity: serious
Tags: security
Justification: Policy 10.4

colortest-8 and colortest-16 create temporary files insecurely:

TMP=/tmp/xterm$$
eval '$CMD $OPT $TMP || echo fail $TMP' 2/dev/null

--
Jakub Wilk


--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#709282: colortest: insecure use of temporary files

Bug#709282: colortest: insecure use of temporary files

2 matches

Site Navigation

Mail list logo

Footer information