Don't trust TMPDIR if we're setuid root. This is used only for the

backing file for an anonymous (memory based) btree, and I don't think that any setuid programs actually use it, but it is better to be safe than sorry. This has been in my tree for a long time, maybe a year or more... Inspired by: Similar changes in OpenBSD, if memory serves (like nearly a year ago)
1998-09-11 05:29:47 +00:00 · 1998-09-11 05:29:47 +00:00 · 77740e7e34
commit 77740e7e34
parent 9bbfa41541
1 changed files with 3 additions and 2 deletions
--- a/lib/libc/db/btree/bt_open.c
+++ b/lib/libc/db/btree/bt_open.c
@ -388,10 +388,11 @@ tmp()
 {
 	sigset_t set, oset;
 	int fd;
-	char *envtmp;
+	char *envtmp = NULL;
 	char path[MAXPATHLEN];

-	envtmp = getenv("TMPDIR");
+	if (issetugid() == 0)
+		envtmp = getenv("TMPDIR");
 	(void)snprintf(path,
 	    sizeof(path), "%s/bt.XXXXXX", envtmp ? envtmp : "/tmp");