Bugzilla will be upgraded to version 5.0 on December 2, 2018. The outage period for the upgrade will start at 0:00 UTC and have a duration of 12 hours
Bug 63799 - xscreensaver/webcollage has somewhat concerning /tmp file handling
xscreensaver/webcollage has somewhat concerning /tmp file handling
Product: Red Hat Linux
Classification: Retired
Component: xscreensaver (Show other bugs)
i386 Linux
low Severity medium
: ---
: ---
Assigned To: Bill Nottingham
Depends On:
  Show dependency treegraph
Reported: 2002-04-18 16:07 EDT by Adrian Likins
Modified: 2014-03-16 22:27 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2002-06-12 02:47:39 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Adrian Likins 2002-04-18 16:07:13 EDT
Description of Problem:

The `webcollage` app in xscreensaver writes out a bunch
of files to /tmp. From a quick look at the code, it doesnt look
to be the most paranoid app around.

Not really a big deal since we dont let users select
`webcollage` from any conveinent manner, and xscreensaver
is designed not to run as root. Just figured I'd file
it while it was on my mind...

The /tmp files are just "webcollage.$PID" so very predictable,
and doesnt look there are any attempts to use mkstemp or
the like.
Comment 1 Bill Nottingham 2002-08-12 22:36:07 EDT
The current version does a form of mkdtemp() in perl.

Note You need to log in before you can comment on or make changes to this bug.