geeqie-2.5-alt1.x86_64	unsafe-tmp-usage-in-scripts	fail	The test discovered scripts that use temporary files with fixed, predictable names in a shared directory, which another local user can exploit to damage files of the user running the script (system files, if it runs as root). For example, if a script writes to a fixed path in the /tmp directory, any user can pre-create a symlink of that name (pattern) there; shell redirections such as >, >> and 2> follow the symlink, so the script truncates, overwrites or appends to whatever file the victim is allowed to write. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest: it creates the file atomically under an unpredictable name and fails instead of following a pre-existing symlink. $TMPDIR is safer than /tmp/ only when a per-user temporary directory is in place: libpam-tmpdir creates a subdirectory of /tmp that is accessible only by that user and sets TMPDIR (and related variables) to it, so a non-random filename matters much less because nobody but you can reach the directory. Note that a fallback such as "${TMPDIR:-/tmp}" drops back to the shared directory whenever TMPDIR is unset, and that the kernel's fs.protected_symlinks setting (where enabled) reduces but does not eliminate symlink attacks in sticky world-writable directories. Found error in /usr/lib64/geeqie/geeqie-camera-import-hook-script: $ grep -A5 -B5 /tmp/ /usr/lib64/geeqie/geeqie-camera-import-hook-script ## # shellcheck disable=2154 if [ "$ACTION" = "download" ] then printf '%s\n' "$ARGUMENT" >> /tmp/geeqie-camera-import-files elif [ "$ACTION" = "stop" ] then zenity --info --title="Geeqie camera download" --text="Import ended" --width=200 --timeout=5 --window-icon=usr/local/share/pixmaps/geeqie.png 2>/dev/null if [ -f /tmp/geeqie-camera-import-files ] then rm /tmp/geeqie-camera-import-files fi fi exit 0 Found error in /usr/lib64/geeqie/geeqie-camera-import: $ grep -A5 -B5 /tmp/ /usr/lib64/geeqie/geeqie-camera-import ## ## Requires gphoto2 ## finish() { if [ -f /tmp/geeqie-camera-import-files ] then rm /tmp/geeqie-camera-import-files fi if [ -p "$zen_pipe" ] then rm "$zen_pipe" -- then zenity --title="Geeqie camera import" --info --width=200 --text="gphoto2 is not installed" 2> /dev/null exit 0 fi if [ -f /tmp/geeqie-camera-import.log ] then rm /tmp/geeqie-camera-import.log fi if [ "$(gphoto2 --auto-detect | wc -l)" -le 2 ] then zenity --error --title="Geeqie camera import" --text="No camera detected" --window-icon=/usr/local/share/pixmaps/geeqie.png --width=250 2> /dev/null 
-- src_files_sorted=$(mktemp "${TMPDIR:-/tmp}/geeqie.XXXXXXXXXX") dest_files_sorted=$(mktemp "${TMPDIR:-/tmp}/geeqie.XXXXXXXXXX") ( gphoto2 --port "$port" --list-files 2> /tmp/geeqie-camera-import.log | awk -W posix 'BEGIN {LINT = "fatal"} /#/ {print $2}' | sort > "$src_files_sorted" ) | zenity --progress --auto-close --auto-kill --title="Geeqie camera import" --text="Searching for files to download..." --pulsate --window-icon=/usr/local/share/pixmaps/geeqie.png --width=250 error=$(grep -i error /tmp/geeqie-camera-import.log) if [ -n "$error" ] then zenity --text-info --title="Geeqie camera import" - --window-icon=error --width=250 < /tmp/geeqie-camera-import.log 2> /dev/null exit 1 fi find . -maxdepth 1 -type f -exec basename {} \; | sort > "$dest_files_sorted" existing_file_count=$(comm -12 "$src_files_sorted" "$dest_files_sorted" | wc -l) -- then zenity --info --title="Geeqie camera download" --text="No photos to download" --width=250 --window-icon=usr/local/share/pixmaps/geeqie.png 2> /dev/null exit 0 fi if [ -f /tmp/geeqie-camera-import-files ] then rm /tmp/geeqie-camera-import-files fi touch /tmp/geeqie-camera-import-files zen_pipe=$(mktemp -u "${TMPDIR:-/tmp}/geeqie.XXXXXXXXXX") mkfifo "$zen_pipe" gphoto2 --port "$port" --hook-script "$script_dir/"geeqie-camera-import-hook-script --get-all-files --skip-existing 2> /tmp/geeqie-camera-import.log & gphoto2_pid=$! (tail -f "$zen_pipe" 2> /dev/null) | zenity --progress --title="Geeqie camera import" --width=370 --text="Downloading: total: $files_to_load existing: $existing_file_count\n" --auto-close --auto-kill --percentage=0 window-icon=/usr/local/share/pixmaps/geeqie.png 2> /dev/null & zen_pid=$! 
n=0 while [ -f /tmp/geeqie-camera-import-files ] && [ "$n" -lt 100 ] do i=$(wc -l < "/tmp/geeqie-camera-import-files") n=$(($((i usr 100)) / files_to_load)) printf '%s\n' "$n" > "$zen_pipe" latest_file=$(tail -n 1 /tmp/geeqie-camera-import-files) if [ -z "$latest_file" ] then latest_file="Skipping existing files, if any..." fi printf '#Downloading: total: %s existing: %s\n%s' "$files_to_load existing" "$existing_file_count" "$latest_file" > "$zen_pipe";