Don't use a trivially predictable temporary filename and keep recreating
it again and again, practically begging the Bad Man to insert his symlink underneath it and send us down the path to oblivion. Noticed by: David Lary <dlary@secureworks.net>
This commit is contained in:
parent
a4e130249f
commit
5542f1c473
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=68226
@ -27,7 +27,7 @@ fi
|
||||
|
||||
host=`hostname`
|
||||
export host
|
||||
tmp_output=${TMPDIR:-/tmp}/periodic.$$
|
||||
tmp_output=`mktemp ${TMPDIR:-/tmp}/periodic.XXXXXXXXXX`
|
||||
|
||||
# Execute each executable file in the directory list. If the x bit is not
|
||||
# set, assume the user didn't really want us to muck with it (it's a
|
||||
@ -89,9 +89,10 @@ do
|
||||
esac
|
||||
[ $output = TRUE ] && { cat $tmp_output; empty=FALSE; }
|
||||
fi
|
||||
rm -f $tmp_output
|
||||
cp /dev/null $tmp_output
|
||||
fi
|
||||
done
|
||||
rm -f $tmp_output
|
||||
done
|
||||
if [ $empty = TRUE ]
|
||||
then
|
||||
|
Loading…
Reference in New Issue
Block a user