First Last Prev Next    This bug is not in your last search results.
Bug 1734 - savetextmode/textmode should not use /tmp
savetextmode/textmode should not use /tmp
Status: CLOSED CURRENTRELEASE
Product: Red Hat Linux
Classification: Retired
Component: svgalib (Show other bugs)
5.2
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Preston Brown
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 1999-03-24 03:35 EST by Aleksey Nogin
Modified: 2008-05-01 11:37 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 1999-03-31 15:24:10 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

  None (edit)
Description Aleksey Nogin 1999-03-24 03:35:21 EST 
In svgalib-1.3.0-3 (RH 5.2 updates) utilities
/usr/bin/savetextmode and /usr/bin/textmode use
/tmp/textregs and /tmp/fontdata . This is bad for two
reasons:

1) tmpwatch would remove those files after 10 days. If the
system is screwed up after that, you are no longer able to
use textmode to recover

2) If some malicious local user created some bogus
/tmp/textregs and /tmp/fontdata after tmpwatch have removed
the ones that were generated by savetextmode and
administrator would run textmode, something bad may happen.
Comment 1 Mike Maher 1999-03-24 16:25:59 EST 
1) The files will still be kept in /tmp in lieu of having another
place to put them.  It seems that /tmp is the most likely place.

2) this has been fixed.



------- Additional Comments From   03/24/99 17:29 -------
1) After reading FSSTND 1.2 I've got an impression that the most
appropriate place for those files would be something like
/var/lib/svga
Comment 2 Preston Brown 1999-03-31 15:24:59 EST 
agreed.  This has been changed as of svgalib-1.3.1-4 so that the
temporary files reside in /var/lib/svgalib.
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.