[Bug 327370] New: opensuse-updater-gnome /tmp problem
https://bugzilla.novell.com/show_bug.cgi?id=327370

Summary: opensuse-updater-gnome /tmp problem
Product: openSUSE 10.3
Version: RC 1
Platform: Other
OS/Version: Other
Status: NEW
Severity: Critical
Priority: P5 - None
Component: libzypp
AssignedTo: jkupec@novell.com
ReportedBy: meissner@novell.com
QAContact: kkaempf@novell.com
CC: coolo@novell.com, security-team@suse.de
Found By: ---

/src/zypp/updater-zypper-gui.c

    fp = g_fopen("/tmp/spawn-zypper", "w+");
    /* g_printf("Command complete: %s\n", command_complete->str); */
    gint cc = g_fprintf(fp, "%s \n", command_complete->str);
    fclose(fp);
    /* g_print("Character Count written to file: %d\n", cc); */
    g_chmod("/tmp/spawn-zypper", 0700);
    g_shell_parse_argv ("sh /tmp/spawn-zypper", &argc, &argv, NULL);

- bad /tmp problem, anyone could smuggle in a spawn-zypper file.

- why don't you just start command_complete->str and not use a /tmp file?
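The alternative the report asks about, as an added example that is not part of the original report or the updater's source: the command string goes straight to `sh -c`, so no script exists at a fixed /tmp path, and an exclusive create is shown for cases where a file is unavoidable. It uses plain POSIX calls rather than GLib; the function names and the demo paths are assumptions made for this sketch.

```c
/* Added example (not the updater's code). POSIX; paths below are constructed. */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hand the command string to sh -c: no script file exists on disk to replace.
 * Returns the command's exit status, or -1 if it could not be run. */
int run_without_tmpfile(const char *command) {
    int status;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        execl("/bin/sh", "sh", "-c", command, (char *)NULL);
        _exit(127);                       /* exec failed */
    }
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status)) return -1;
    return WEXITSTATUS(status);
}

/* If a file is unavoidable: O_CREAT|O_EXCL fails with EEXIST when anything,
 * including a symlink, already sits at the path. Returns an fd or -1. */
int create_exclusive(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_EXCL, 0700);
}

/* Self-check in a private mkdtemp() directory: a pre-existing symlink must be
 * refused, and creation must succeed once the path is free. Returns 1 on pass. */
int planted_entry_is_refused(void) {
    char dir[] = "/tmp/spawn-demo-XXXXXX", path[64], target[64];
    int refused, fd;
    if (!mkdtemp(dir)) return 0;
    snprintf(path, sizeof path, "%s/spawn-zypper", dir);
    snprintf(target, sizeof target, "%s/elsewhere", dir);
    if (symlink(target, path) != 0) { rmdir(dir); return 0; }
    refused = (create_exclusive(path) == -1 && errno == EEXIST);
    unlink(path);
    fd = create_exclusive(path);
    if (fd >= 0) close(fd);
    unlink(path); unlink(target); rmdir(dir);
    return refused && fd >= 0;
}

int main(void) {
    printf("exit status: %d\n", run_without_tmpfile("exit 3"));
    printf("planted entry refused: %d\n", planted_entry_is_refused());
    return 0;
}
```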