[GRASS5] Re: [Pkg-grass-general] Re: [GRASS bug #2877] Insecure tempfile
creation
Hamish
hamish_nospam at yahoo.com
Mon Jan 31 22:25:27 EST 2005
> > > > > Just an update re. less-insecure tempfiles ..
..
> > > Maybe someone can help me with this one:
> > > lib/db/stubs/BUILD.PROTO
>
> My vote is to simply remove this file. Nobody needs it from
> the core 6 developers, AFAIK it's a leftover from GRASS 4.x.
>
> I assume that this will be resolved ASAP in GRASS-CVS.
file removed in CVS.
===
also in cvs:
lib/init/init.sh: /tmp/grass6-.. dir was created with whatever
permissions 'umask' had (could be world-writable). Now read/writable
only by $USER.
check added to lib/init/grass.src for grass-within-grass situation.
- init.sh assumes /bin/sh is bourne like, grass.src didn't?
===
r.terraflow is the only outstanding /tmp fix to be done.
(waiting for an update from Laura)
===
should we add the SUBMITTING file from 5.4.0 to cvs/head?
Hamish
More information about the grass-dev
mailing list