Bug 56565 - xsane - mktemp complaints
Summary: xsane - mktemp complaints
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: xsane   
(Show other bugs)
Version: 7.2
Hardware: i386
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Tim Waugh
QA Contact: David Lawrence
URL:
Whiteboard:
Keywords:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2001-11-21 01:08 UTC by Michal Jaegermann
Modified: 2007-04-18 16:38 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2001-12-11 14:35:48 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

Description Michal Jaegermann 2001-11-21 01:08:33 UTC
Description of Problem:

An xsane recompilation results, among other things, in the following
warning:

xsane-back-gtk.c:344: the use of `mktemp' is dangerous, better use
`mkstemp'

Yes, indeed!  BTW - wouldn't be nicer if xsane would use private
subdirectories in /tmp instead of dropping, and leaving, files
all over the place.

Comment 1 Tim Waugh 2001-11-21 17:16:54 UTC
There are several places that are exploitable.  Analysing further.  Thanks for 
pointing it out.


Comment 2 Tim Waugh 2001-12-11 14:35:43 UTC
It seems Oliver has gone ahead and released 0.82 before we'd agreed on a fix 
to this. :-/


Comment 3 Tim Waugh 2002-01-08 15:41:44 UTC
Fixed by RHSA-2001:171,172.



Note You need to log in before you can comment on or make changes to this bug.