diff options
-rwxr-xr-x | converter/other/anytopnm | 5 | ||||
-rw-r--r-- | doc/HISTORY | 3 | ||||
-rwxr-xr-x | editor/pamstretch-gen | 8 | ||||
-rwxr-xr-x | editor/pnmindex.sh | 5 | ||||
-rwxr-xr-x | editor/ppmquantall | 5 |
5 files changed, 13 insertions, 13 deletions
diff --git a/converter/other/anytopnm b/converter/other/anytopnm index 6c56b5ef..99740f79 100755 --- a/converter/other/anytopnm +++ b/converter/other/anytopnm @@ -507,9 +507,8 @@ else fi tempdir="${TMPDIR-/tmp}/anytopnm.$$" -mkdir $tempdir || { echo "Could not create temporary file. Exiting."; exit 1;} -chmod 700 $tempdir - +mkdir -m 0700 $tempdir || \ + { echo "Could not create temporary file. Exiting."; exit 1;} trap 'rm -rf $tempdir' 0 # Take out all spaces diff --git a/doc/HISTORY b/doc/HISTORY index c4d5ae3d..83553c28 100644 --- a/doc/HISTORY +++ b/doc/HISTORY @@ -6,6 +6,9 @@ CHANGE HISTORY not yet BJH Release 10.40.00 + anytopnm, pnmmargin, pamstretch-gen, ppmquantall: fix + small temporary file security exposure. + pnmmargin: add -plain option. Thanks Prophet of the Way <afu@wta.att.ne.jp>. diff --git a/editor/pamstretch-gen b/editor/pamstretch-gen index cd59a36b..ba0e8188 100755 --- a/editor/pamstretch-gen +++ b/editor/pamstretch-gen @@ -32,12 +32,12 @@ if [ "$1" = "" ]; then fi tempdir="${TMPDIR-/tmp}/pamstretch-gen.$$" -mkdir $tempdir || { echo "Could not create temporary file. Exiting."; exit 1;} -chmod 700 $tempdir -tempfile=$tempdir/pnmig - +mkdir -m 0700 $tempdir || \ + { echo "Could not create temporary file. Exiting."; exit 1;} trap 'rm -rf $tempdir' 0 1 3 15 +tempfile=$tempdir/pnmig + if ! cat $2 >$tempfile 2>/dev/null; then echo 'pamstretch-gen: error reading file' 1>&2 exit 1 diff --git a/editor/pnmindex.sh b/editor/pnmindex.sh index 15ba1abd..dfc5b82a 100755 --- a/editor/pnmindex.sh +++ b/editor/pnmindex.sh @@ -90,9 +90,8 @@ if [ $# -eq 0 ]; then fi tempdir="${TMPDIR-/tmp}/pnmindex.$$" -mkdir $tempdir || { echo "Could not create temporary file. Exiting."; exit 1;} -chmod 700 $tempdir - +mkdir -m 0700 $tempdir || \ + { echo "Could not create temporary file. Exiting."; exit 1;} trap 'rm -rf $tempdir' 0 1 3 15 tmpfile=$tempdir/pi.tmp diff --git a/editor/ppmquantall b/editor/ppmquantall index af1ce22c..7f3d4849 100755 --- a/editor/ppmquantall +++ b/editor/ppmquantall @@ -71,9 +71,8 @@ for i in ${files[@]}; do done tempdir="${TMPDIR-/tmp}/ppmquantall.$$" -mkdir $tempdir || { echo "Could not create temporary file. Exiting."; exit 1;} -chmod 700 $tempdir - +mkdir -m 0700 $tempdir || \ + { echo "Could not create temporary file. Exiting."; exit 1;} trap 'rm -rf $tempdir' 0 1 3 15 all=$tempdir/pqa.all.$$ |