Package: tmpreaper
Severity: normal

This shell script is secure provided that /tmp is not on NFS:

    set -e
    tmp=$(tempfile -p w3m.subst.)
    while read opt val
    do
        echo 's/^'$opt'[[:space:]]*.*/'$opt' '$val0'/' >> $tmp
    done < /etc/w3m/config
    mv -f /etc/w3m/config /etc/w3m/config.dpkg-tmp
    sed -f $tmp /etc/w3m/config.dpkg-tmp > /etc/w3m/config

This is a common idiom in shell scripts: Create a temporary file securely with tempfile, write stuff to it, read stuff from it. If this shell script is insecure, then Debian contains thousands of insecure shell scripts. Including the parts of the w3m postinst that I quoted above.

tmpreaper's README.security would have us believe that this is insecure:

> This calls for the [program] to close the file, and then open it again
> without checking the owner, inode number, etc. [...]. That
> in my book is a problem of the [program], not of tmpreaper

Which is just untrue, in the absence of tmpreaper this is perfectly secure.

By the way, I also don't appreciate being quoted in that file, or anywhere else, without proper attribution.

-- 
see shy jo
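Added example, not part of the original report and not code from w3m or tmpreaper: one way a script can do the "checking the owner, inode number, etc." that the quoted README text refers to when it reads a temporary file back. It assumes Linux (/dev/fd) and GNU coreutils stat and mktemp; the function names file_id, with_verified and demo are hypothetical, and the config line is constructed sample data.

```shell
#!/bin/sh
# Added example, not part of the original report. Assumes Linux (/dev/fd)
# and GNU coreutils stat/mktemp. Function names are hypothetical.

# file_id PATH: device, inode, owner uid, mode and link count of PATH itself
# (a symlink is not followed, so a swapped-in symlink changes the result).
file_id() {
    stat -c '%d:%i:%u:%a:%h' -- "$1"
}

# with_verified PATH ID CMD...: open PATH once on fd 3, check that the open
# descriptor is still the file recorded as ID, then run CMD with that same
# descriptor as stdin. Checking the descriptor rather than the name leaves no
# gap between the check and the read.
with_verified() {
    path=$1; want=$2; shift 2
    {
        got=$(stat -L -c '%d:%i:%u:%a:%h' /dev/fd/3) &&
        [ "$got" = "$want" ] &&
        "$@" <&3
    } 3<"$path"
}

# demo: the write-then-read idiom on constructed sample data.
# Prints the substituted config, then "rejected" once the name has been
# re-pointed at a different file.
demo() {
    dir=${TMPDIR:-/tmp}
    tmp=$(mktemp "$dir/w3m.subst.XXXXXX") || return 1
    cfg=$(mktemp "$dir/w3m.config.XXXXXX") || return 1
    id=$(file_id "$tmp")                      # record identity at creation
    echo 'accept_language ja' > "$cfg"        # constructed sample config
    echo 's/^accept_language[[:space:]].*/accept_language en/' >> "$tmp"
    with_verified "$tmp" "$id" sed -f /dev/stdin "$cfg"

    # Simulate "deleted and re-created under the same name" with a second file.
    other=$(mktemp "$dir/w3m.subst.XXXXXX") || return 1
    echo 's/.*/replaced/' > "$other"
    mv -f "$other" "$tmp"
    with_verified "$tmp" "$id" sed -f /dev/stdin "$cfg" || echo rejected
    rm -f "$tmp" "$cfg"
}

demo
```

The owner uid is part of the recorded identity because an inode number can be reused after a file is deleted, so the inode alone does not prove the file is the one the script created.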