Red Hat Bugzilla – Bug 1734
savetextmode/textmode should not use /tmp
Last modified: 2008-05-01 11:37:49 EDT
In svgalib-1.3.0-3 (RH 5.2 updates) utilities /usr/bin/savetextmode and /usr/bin/textmode use /tmp/textregs and /tmp/fontdata . This is bad for two reasons: 1) tmpwatch would remove those files after 10 days. If the system is screwed up after that, you are no longer able to use textmode to recover 2) If some malicious local user created some bogus /tmp/textregs and /tmp/fontdata after tmpwatch have removed the ones that were generated by savetextmode and administrator would run textmode, something bad may happen.
1) The files will still be kept in /tmp in lieu of having another place to put them. It seems that /tmp is the most likely place. 2) this has been fixed. ------- Additional Comments From 03/24/99 17:29 ------- 1) After reading FSSTND 1.2 I've got an impression that the most appropriate place for those files would be something like /var/lib/svga
agreed. This has been changed as of svgalib-1.3.1-4 so that the temporary files reside in /var/lib/svgalib.