Репозитории ALT
S: | 2.1.41-alt23 |
5.1: | 2.1.41-alt9 |
4.1: | 2.1.41-alt3.M41.1 |
4.0: | 2.1.35-alt5 |
3.0: | 2.1.25-alt3 |
+backports: | 2.1.29-alt4.0.M30 |
Группа :: Система/Основа
Пакет: menu
id пакета | статус | тест | сообщение |
---|---|---|---|
menu-2.1.41-alt23.x86_64 |
info | unsafe-tmp-usage-in-scripts | The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/share/doc/menu-2.1.41/examples/cat: $ grep /tmp/ /usr/share/doc/menu-2.1.41/examples/cat #!/bin/sh cat > /tmp/menu-stdin exit 0 #In the good old days of menu-0 compatibility, one had to use: # #This file can be very usefull when you want to run one particular # #men... [the rest of the message is skipped] |
menu-2.1.41-alt23.x86_64 |
ok | checkbashisms | |
menu-2.1.41-alt23.x86_64 |
ok | sisyphus_check | |
menu-2.1.41-alt23.x86_64 |
ok | buildroot | |
menu-debuginfo-2.1.41-alt23.x86_64 |
ok | checkbashisms | |
menu-debuginfo-2.1.41-alt23.x86_64 |
ok | unsafe-tmp-usage-in-scripts | |
menu-debuginfo-2.1.41-alt23.x86_64 |
ok | sisyphus_check | |
menu-debuginfo-2.1.41-alt23.x86_64 |
ok | buildroot |