Bug 1734 - savetextmode/textmode should not use /tmp
Summary: savetextmode/textmode should not use /tmp
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: svgalib
Version: 5.2
Hardware: i386
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Preston Brown
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 1999-03-24 08:35 UTC by Aleksey Nogin
Modified: 2008-05-01 15:37 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 1999-03-31 20:24:10 UTC

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Description Aleksey Nogin 1999-03-24 08:35:21 UTC 
In svgalib-1.3.0-3 (RH 5.2 updates) utilities
/usr/bin/savetextmode and /usr/bin/textmode use
/tmp/textregs and /tmp/fontdata . This is bad for two
reasons:

1) tmpwatch would remove those files after 10 days. If the
system is screwed up after that, you are no longer able to
use textmode to recover

2) If some malicious local user created some bogus
/tmp/textregs and /tmp/fontdata after tmpwatch have removed
the ones that were generated by savetextmode and
administrator would run textmode, something bad may happen.
Comment 1 Mike Maher 1999-03-24 21:25:59 UTC 
1) The files will still be kept in /tmp in lieu of having another
place to put them.  It seems that /tmp is the most likely place.

2) this has been fixed.



------- Additional Comments From   03/24/99 17:29 -------
1) After reading FSSTND 1.2 I've got an impression that the most
appropriate place for those files would be something like
/var/lib/svga
Comment 2 Preston Brown 1999-03-31 20:24:59 UTC 
agreed.  This has been changed as of svgalib-1.3.1-4 so that the
temporary files reside in /var/lib/svgalib.
Note You need to log in before you can comment on or make changes to this bug.