bug-gnu-utils
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Bug#278283: insecure temporary file usage in gettextize and autopoin

From: Alexandre Duret-Lutz
Subject: Re: Bug#278283: insecure temporary file usage in gettextize and autopoint (fwd)
Date: Tue, 26 Oct 2004 15:22:28 +0200 
On Tue, Oct 26, 2004 at 02:41:33PM +0200, Bruno Haible wrote:
>
> Do you have a suggestion how to create temporary files in /tmp in a
> secure way, even on platforms without 'mktemp' program?

Here is what AS_TMPDIR([foo]) produces.


# Create a temporary directory, and hook for its removal unless debugging.
$debug ||
{
  trap 'exit_status=$?; rm -rf $tmp && exit $exit_status' 0
  trap '{ (exit 1); exit 1; }' 1 2 13 15
}

# Create a (secure) tmp directory for tmp files.
: ${TMPDIR=/tmp}
{
  tmp=`(umask 077 && mktemp -d -q "$TMPDIR/fooXXXXXX") 2>/dev/null` &&
  test -n "$tmp" && test -d "$tmp"
}  ||
{
  tmp=$TMPDIR/foo$$-$RANDOM
  (umask 077 && mkdir $tmp)
} ||
{
   echo "$me: cannot create a temporary directory in $TMPDIR" >&2
   { (exit 1); exit 1; }
}
reply via email to
[Prev in Thread] Current Thread [Next in Thread]