environment-modules-5.3.1-alt1_2.x86_64	unsafe-tmp-usage-in-scripts	fail	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/share/Modules/bin/add.modules: $ grep -A5 -B5 /tmp/ /usr/share/Modules/bin/add.modules "$3" > "$2" } # find if certain of the dot files have load lines already findload() { grep "^[ ]*module[ ]*load" "$1" > /tmp/load.$$ } # put common stuff derivatives here $1=.dot_file $2=action $3=shell(csh,sh) $4=skel alternative shdot() { if [ -f "$1" ] then /bin/cat <<! Processing your $1 (your old one is $1.old) ! if cleandot "$1" "/tmp/$1.$$" "$1.old" then if [ "$2" = 'source' ] then /bin/cat <<! Adding sourcing lines at beginning of "$1" -- if [ -f $ETC/profile.modules ] then . $ETC/profile.modules # put your own module loads here ! if [ -s /tmp/load.$$ ] then /bin/cat /tmp/load.$$ >> "$1" else /bin/cat >> "$1" <<! module load null ! fi -- /bin/cat > "$1" <<! if ( -e $ETC/csh.modules ) then source $ETC/csh.modules # put your own module loads here ! if [ -s /tmp/load.$$ ] then /bin/cat /tmp/load.$$ >> "$1" else /bin/cat >> "$1" <<! module load null ! fi /bin/cat >> "$1" <<! endif ! fi /bin/cat "/tmp/$1.$$" >> "$1" && /bin/rm "/tmp/$1.$$" elif [ "$2" = 'alias' ] then /bin/cat <<! Adding alias or function lines at beginning of $1 ! -- set modules_shell="csh" endif alias module 'eval \`/usr/bin/tclsh "/usr/lib64/Modules/libexec/modulecmd.tcl" '\$modules_shell '\!*\`' ! fi /bin/cat "/tmp/$1.$$" >> "$1" && /bin/rm "/tmp/$1.$$" fi else /bin/echo "Had problems with your $1" fi else /bin/cat <<! You had no $1 as I see it. Copying $4 for you. ! /bin/cp "$4" "$1" fi /bin/rm /tmp/load.$$ 2> /dev/null } # process files in $HOME cd "$HOME" || exit 1 if [ -r .bash_profile ]; then; 
