Bug#903026: pdfsandwich puts world readable files into /tmp

Peter Palfrader Thu, 05 Jul 2018 02:51:24 -0700

Package: pdfsandwich
Version: 0.1.6-1
Severity: important

Hi!


pdfsandwich sometimes puts files into /tmp that are world readable.

This could lead to leaking sensitivie information.

| -rw-------  1 weasel weasel 13005137 Jul  5 10:56 pdfsandwich26360b.ppm
| -rw-------  1 weasel weasel        0 Jul  5 11:02 pdfsandwich28b2ec
| -rw-r--r--  1 weasel weasel        0 Jul  5 11:02 pdfsandwich28b2ec.pdf

Tempfiles probably all want to be go-rwx.

Cheers,
-- 
                            |  .''`.       ** Debian **
      Peter Palfrader       | : :' :      The  universal
 https://www.palfrader.org/ | `. `'      Operating System
                            |   `-    https://www.debian.org/

Bug#903026: pdfsandwich puts world readable files into /tmp

Reply via email to