pyrpm-0.69-alt2.1.noarch	unsafe-tmp-usage-in-scripts	fail	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/bin/pyrpmkickstart: $ grep -A5 -B5 /tmp/ /usr/bin/pyrpmkickstart return 1 source_dir = stage2_dir+"/mnt/source" target_dir = stage2_dir+"/mnt/sysimage" repos_dir = stage2_dir+"/mnt/repos" # nfs repo base directory cache_dir = stage2_dir+"/tmp/cache" # create mount points create_dir("", source_dir) create_dir("", target_dir) create_dir("", repos_dir) -- # create cache dir pyrpm.rpmconfig.cachedir = cache_dir # global logging create_dir(tempdir, "/tmp") log_filename = tempdir+"/tmp/pyrpmkickstart.log" log_file = pyrpm.logger.FileLog(log_filename) log.info1("Logging to '%s'.", log_filename) log.addInfoLogging("*", log_file, fmt="%(date)s %(label)s%(message)s") log.addDebugLogging("*", log_file, fmt="%(date)s %(label)s%(message)s") # set extra file logging -- del t # create temporary devices which are usable by grub (hda, hda1, ..) devmap = { } # device mapping for disk in hds: dev = "/tmp/%s" % disk copy_device(diskmap[disk]["device"], target_chroot, source_dir=stage2_dir, target=dev) devmap[diskmap[disk]["device"]] = dev for onpart in partitionmap: if partitionmap[onpart].has_key("raid"): pass elif partitionmap[onpart].has_key("volgroup"): # already done pass else: dev = "/tmp/%s%d" % (partitionmap[onpart]["disk"], partitionmap[onpart]["id"]) copy_device(partitionmap[onpart]["device"], target_chroot, source_dir=stage2_dir, target=dev) devmap[partitionmap[onpart]["device"]] = dev -- if not create_file(target_chroot, "/boot/grub/devices.map", content): return 1 # grub setup content = [ '/sbin/grub --batch >/tmp/grub-setup.log <<EOF\n' ] for disk in hds: content.append('device (%s) %s\n' % \ (hdmap[disk], devmap[diskmap[disk]["device"]])) if diskmap[disk].has_key("image"): content.append('geometry (%s) %d %d %d\n' % \ -- hd = "%s,%d" % (hdmap[hd_name], (id-1)) content.append('root (%s)\n' % hd_boot) content.append('setup (%s)\n' % hd) content.append('quit\n') content.append('EOF\n') if not create_file(target_chroot, "/tmp/grub-setup", content, mode=0600): log.error("grub setup failed.") else: try: check_exists(target_chroot, "/sbin/grub") except: log.error("/sbin/grub does not exist, skipping.") else: if run_script("/bin/sh /tmp/grub-setup", target_chroot) != 0: log.error("grub setup failed.") # sanitize lvm - remove cache file if ks.has_key("install"):; 
