Red Hat Bugzilla – Bug 63799
xscreensaver/webcollage has somewhat concerning /tmp file handling
Last modified: 2014-03-16 22:27:06 EDT
Description of Problem:
The `webcollage` app in xscreensaver writes out a bunch
of files to /tmp. From a quick look at the code, it doesnt look
to be the most paranoid app around.
Not really a big deal since we dont let users select
`webcollage` from any conveinent manner, and xscreensaver
is designed not to run as root. Just figured I'd file
it while it was on my mind...
The /tmp files are just "webcollage.$PID" so very predictable,
and doesnt look there are any attempts to use mkstemp or
The current version does a form of mkdtemp() in perl.