wmspaceweather-1.04-alt1_16.x86_64 unsafe-tmp-usage-in-scripts fail
The test found scripts containing errors that a local user could exploit to damage important system files. For example, if a script works with a temporary file created under a fixed name in the /tmp directory, any user can create a symlink with the same name (or matching the same pattern) in that directory beforehand, so that the script destroys or overwrites a system file or another user's file when it follows the link. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is accessible only by that user, and then sets TMPDIR and other variables to point to it. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it.
Found error in /usr/bin/GetKp:
$ grep -A5 -B5 /tmp/ /usr/bin/GetKp
use POSIX (); ($Year, $Month, $Day) = &year_month_day(); if (-e "/tmp/DGD.txt"){ unlink("/tmp/DGD.txt"); } if (-e "/tmp/curind.txt"){ unlink("/tmp/curind.txt"); } $grabcmd = "cd /tmp; wget --passive-ftp --tries 2 -q ftp://ftp.swpc.noaa.gov/pub/indices/DGD.txt"; system "$grabcmd"; -- $Kp{190001016} = 999; $Kp{190001017} = 999; $Kp{190001018} = 999; open(TmpFile, "/tmp/DGD.txt"); while (){ chop; if ($_ =~ /^\d{4} \d{2} \d{2}\s*\d*/ ){ $Date = $_; -- $grabcmd = "cd /tmp; wget --passive-ftp --tries 2 -q ftp://ftp.swpc.noaa.gov/pub/latest/curind.txt"; system "$grabcmd"; %lmonstr = ( "Jan", 1, "Feb", 2, "Mar", 3, "Apr", 4, "May", 5, "Jun", 6, "Jul", 7, "Aug", 8, "Sep", 9, "Oct", 10, "Nov", 11, "Dec", 12); @lval = ($lyear, $lmonstr{$lmon}, $ldom); open(TmpFile, "/tmp/curind.txt"); $count = 10; while (){ chop; if ($_ =~ /^:Geomagnetic_Values: (\d{4}) (.*) (\d{1,2})/){ $y = $_; -- $Result{$key} = $Kp{$key}; ++$n; } } open(TmpFile, ">/tmp/LatestKp.txt"); foreach $key (sort keys %Result ) { if ($Result{$key} > 10) { $Result{$key} = -1; } printf TmpFile "$key $Result{$key}\n"; } -- # # $Gif = "$List[$#List]"; # $Latest = 
"http://swdcdb.kugi.kyoto-u.ac.jp/dstdir/dst1/q/$Gif"; # # # $grabcmd = "/u/mgh/wwwgrab/wwwgrab $Latest /n/tmp/polar/$Gif"; # system "$grabcmd"; # # # system "convert -crop 0x0 /n/tmp/polar/${Gif} /n/tmp/polar/Dst.rle"; # system "fant -s .5 .5 -o /n/tmp/polar/Dst2.rle /n/tmp/polar/Dst.rle"; # system "convert -frame 4x4 -gamma 3 -crop 0x0 -colors 256 /n/tmp/polar/Dst2.rle /n/leadbelly/belly3/PolarNRT/CEPPAD/IPS/LatestDst.gif"; # # # # #;