I don't want to fix qpkg bugs

author genone <genone@gentoo.org>

Sun, 31 Oct 2004 00:43:00 +0000 (00:43 -0000)

committer genone <genone@gentoo.org>

Sun, 31 Oct 2004 00:43:00 +0000 (00:43 -0000)
author genone <genone@gentoo.org>
Sun, 31 Oct 2004 00:43:00 +0000 (00:43 -0000)
committer genone <genone@gentoo.org>
Sun, 31 Oct 2004 00:43:00 +0000 (00:43 -0000)
diff --git a/trunk/ChangeLog b/trunk/ChangeLog

index d530c4795dd99ad347f2f2c442baf0a04c3f5fca..ad0e27965f66aed3564a2dc5df33924cfa96a92f 100644 (file)
--- a/trunk/ChangeLog
+++ b/trunk/ChangeLog
@@ -1,3 +1,6 @@
+2004-10-31 Marius Mauch <genone@gentoo.org>
+       * qpkg: security fix for bug #68846
+
  2004-10-20 Karl Trygve Kalleberg <karltk@gentoo.org>
         * etcat: fixed get_use_vars to get_use_flags, fixes #67349.
  
diff --git a/trunk/src/qpkg/qpkg b/trunk/src/qpkg/qpkg

index 0c06094bb603a507c29957be52001fbf9af84514..dd8344bf946da7ebb0828799577f59dcdb9f816a 100644 (file)
--- a/trunk/src/qpkg/qpkg
+++ b/trunk/src/qpkg/qpkg
@@ -13,7 +13,9 @@
  ID='$Id$'
  VERSION=0.`echo ${ID} | cut -d\  -f3`
  
-TMP="/tmp/qpkg-${$}/"
+umask 0077
+
+TMP="$(mktemp -d -t qpkg-XXXXXX)"
  rm -rf ${TMP}
  mkdir -p ${TMP}
  
@@ -228,6 +230,7 @@ ${YL}Examples${NO}:
                         the older ones will have \"damaged\" files.
    ${PROG} -f /bin/ls   print package(s) that own /bin/ls
  "
+       rm -rf ${TMP}
         exit
  fi
  
@@ -292,6 +295,7 @@ fi
                                         -e "s:-[0-9].*$::" \
                                         -e "s:\(^[^/]*/\)\(.*\):${BR}\1${CY}\2${NO}:"|uniq
         fi
+       rm -rf ${TMP}
         exit
  fi
author	genone <genone@gentoo.org>
	Sun, 31 Oct 2004 00:43:00 +0000 (00:43 -0000)
committer	genone <genone@gentoo.org>
	Sun, 31 Oct 2004 00:43:00 +0000 (00:43 -0000)
trunk/ChangeLog		patch \| blob \| history
trunk/src/qpkg/qpkg		patch \| blob \| history