Sisyphus repository
Last update: 1 october 2023 | SRPMs: 18631 | Visits: 37047158
en ru br
ALT Linux repos
S:0.2-alt2
5.0: 0.2-alt2
4.1: 0.2-alt2
4.0: 0.2-alt2
3.0: 0.2-alt2

Group :: Text tools
RPM: impose+

 Main   Changelog   Spec   Patches   Sources   Download   Gear   Bugs and FR  Repocop 


package id status test message
impose+-0.2-alt2.noarch
fail
unsafe-tmp-usage-in-scripts The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/bin/impose: $ grep /tmp/ /usr/bin/impose $ybot=30 unless $ybot; $pages=6 unless defined $pages; $rotdir="L" unless $rotdir; $filename = shift or do { $filename = "/tmp/$ENV{USER}-tmp.ps"; open(TMP, ">$filename"); while(<>) { print TMP; } close(TMP); $do_stdout++; $d... [the rest of the message is skipped]
impose+-0.2-alt2.noarch
ok
checkbashisms
impose+-0.2-alt2.noarch
ok
sisyphus_check
impose+-0.2-alt2.noarch
ok
buildroot
 
design & coding: Vladimir Lettiev aka crux © 2004-2005, Andrew Avramenko aka liks © 2007-2008
current maintainer: Michael Shigorin