From dde6a9975c5a72a19ff9b66a378365735403d250 Mon Sep 17 00:00:00 2001 From: micah Date: Wed, 28 Sep 2005 14:47:51 +0000 Subject: [PATCH] Fixed insecure temporary file creation git-svn-id: http://code.autistici.org/svn/backupninja/trunk@181 758a04ac-41e6-0310-8a23-8373a73cc35d --- backupninja | 9 ++++++++- changelog | 1 + 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/backupninja b/backupninja index e5c55ae..d52f4cd 100755 --- a/backupninja +++ b/backupninja @@ -305,7 +305,14 @@ function process_action() { let "actions_run += 1" # call the handler: - local bufferfile="/tmp/backupninja.buffer.$$" + [ if -x /bin/mktemp ] + then + local bufferfile=`mktemp /tmp/backupninja.buffer.XXXXXXXX` + else + DATE=`date` + sectmp=`echo $DATE | /usr/bin/md5sum | cut -d- -f1` + local bufferfile=/tmp/backupninja.buffer.$sectmp + fi echo "" > $bufferfile echo_debug_msg=1 ( diff --git a/changelog b/changelog index 13b6cd1..8ba0ab5 100644 --- a/changelog +++ b/changelog @@ -1,4 +1,5 @@ removed erroneous magic file marker in pgsql handler + fixed insecure temporary file creation version 0.8 -- September 15 2005 added pgsql (PostgreSQL) handler, with vservers support. added vservers support to duplicity handler -- 2.30.2