[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Bug#278283: insecure temporary file usage in gettextize and autopoin
From: |
Alexandre Duret-Lutz |
Subject: |
Re: Bug#278283: insecure temporary file usage in gettextize and autopoint (fwd) |
Date: |
Tue, 26 Oct 2004 15:22:28 +0200 |
On Tue, Oct 26, 2004 at 02:41:33PM +0200, Bruno Haible wrote:
>
> Do you have a suggestion how to create temporary files in /tmp in a
> secure way, even on platforms without 'mktemp' program?
Here is what AS_TMPDIR([foo]) produces.
# Create a temporary directory, and hook for its removal unless debugging.
$debug ||
{
trap 'exit_status=$?; rm -rf $tmp && exit $exit_status' 0
trap '{ (exit 1); exit 1; }' 1 2 13 15
}
# Create a (secure) tmp directory for tmp files.
: ${TMPDIR=/tmp}
{
tmp=`(umask 077 && mktemp -d -q "$TMPDIR/fooXXXXXX") 2>/dev/null` &&
test -n "$tmp" && test -d "$tmp"
} ||
{
tmp=$TMPDIR/foo$$-$RANDOM
(umask 077 && mkdir $tmp)
} ||
{
echo "$me: cannot create a temporary directory in $TMPDIR" >&2
{ (exit 1); exit 1; }
}
- Bug#278283: insecure temporary file usage in gettextize and autopoint (fwd), Santiago Vila, 2004/10/25
- Re: Bug#278283: insecure temporary file usage in gettextize and autopoint (fwd), Bruno Haible, 2004/10/26
- Re: Bug#278283: insecure temporary file usage in gettextize and autopoint (fwd),
Alexandre Duret-Lutz <=
- Re: Bug#278283: insecure temporary file usage in gettextize and autopoint (fwd), Bruno Haible, 2004/10/26
- Re: Bug#278283: insecure temporary file usage in gettextize and autopoint (fwd), Thomas Dickey, 2004/10/26
- Re: Bug#278283: insecure temporary file usage in gettextize and autopoint (fwd), Bruno Haible, 2004/10/26
- Re: Bug#278283: insecure temporary file usage in gettextize and autopoint (fwd), Thomas Dickey, 2004/10/27
- Re: Bug#278283: insecure temporary file usage in gettextize and autopoint (fwd), Bruno Haible, 2004/10/26
- Re: Bug#278283: insecure temporary file usage in gettextize and autopoint (fwd), Paul Jarc, 2004/10/26
- Re: Bug#278283: insecure temporary file usage in gettextize and autopoint (fwd), Alexandre Duret-Lutz, 2004/10/26
- Re: Bug#278283: insecure temporary file usage in gettextize and autopoint (fwd), Bruno Haible, 2004/10/26
- Re: Bug#278283: insecure temporary file usage in gettextize and autopoint (fwd), Paul Eggert, 2004/10/26