Package: piglit Version: 0~git20150829-59d7066-1 Severity: normal Hi,
after building the piglit package, I found a directory in /tmp that was named after my user, prefixed with "piglit-". This seems to have been created during the package build. The name of this directory is predictable, which might make this a security problem -- placing data under this name might influence package builds by other users, and the package build should not create any files outside of the build tree (probably except for gcc's temporary files). Simon -- System Information: Debian Release: stretch/sid APT prefers testing APT policy: (990, 'testing') Architecture: amd64 (x86_64) Foreign Architectures: i386, armhf Kernel: Linux 4.8.0-1-amd64 (SMP w/8 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages piglit depends on: ii libc6 2.24-5 ii libdrm-intel1 2.4.73-1 ii libdrm2 2.4.73-1 ii libegl1-mesa [libegl1-x11] 12.0.4-2 ii libgcc1 1:6.2.0-13 ii libgl1-mesa-glx [libgl1] 12.0.4-2 ii libglu1-mesa [libglu1] 9.0.0-2.1 ii libpng12-0 1.2.50-2+deb8u2 ii libstdc++6 6.2.0-13 ii libwaffle-1-0 1.5.2-2 ii libx11-6 2:1.6.3-1 ii libxcb-dri2-0 1.12-1 ii libxrender1 1:0.9.9-2 ii ocl-icd-libopencl1 [libopencl1] 2.2.9-2 ii python-six 1.10.0-3 pn python:any <none> ii zlib1g 1:1.2.8.dfsg-2+b3 piglit recommends no packages. piglit suggests no packages. -- no debconf information
