ossp-pkg/shtool/sh.common 1.23 -> 1.24
--- sh.common 2004/04/07 07:55:02 1.23
+++ sh.common 2005/06/15 08:11:16 1.24
@@ -161,6 +161,7 @@
# establish a temporary file on request
if [ ".$gen_tmpfile" = .yes ]; then
+ # create (explicitly) secure temporary directory
if [ ".$TMPDIR" != . ]; then
tmpdir="$TMPDIR"
elif [ ".$TEMPDIR" != . ]; then
@@ -168,10 +169,19 @@
else
tmpdir="/tmp"
fi
- tmpfile="$tmpdir/.shtool.$$"
- rm -f $tmpfile >/dev/null 2>&1
- touch $tmpfile
- chmod 600 $tmpfile
+ tmpdir="$tmpdir/.shtool.$$"
+ ( umask 077
+ rm -rf "$tmpdir" >/dev/null 2>&1 || true
+ mkdir "$tmpdir" >/dev/null 2>&1
+ if [ $? -ne 0 ]; then
+ echo "$msgprefix:Error: failed to create temporary directory \`$tmpdir'" 1>&2
+ exit 1
+ fi
+ )
+
+ # create (implicitly) secure temporary file
+ tmpfile="$tmpdir/shtool.tmp"
+ touch "$tmpfile"
fi
# utility function: map string to lower case
@@ -188,7 +198,7 @@
shtool_exit () {
rc="$1"
if [ ".$gen_tmpfile" = .yes ]; then
- rm -f $tmpfile >/dev/null 2>&1 || true
+ rm -rf "$tmpdir" >/dev/null 2>&1 || true
fi
exit $rc
}
|
|
