Fix insecure temporary file and directory creation, error checking (!5) · Merge requests · Debian Edu / upstream / sitesummary

Guido Berhörster requested to merge personal/gber/fix-tmp-file-dir into master Aug 22, 2023

Seurely create a temporary directory using mktemp and check for errors both when creating the directory and wehn changing the current working directory. Place the tarball inside the temporary directory instead of using a predictable file name in /tmp which may lead to a symlink attack. Ensure the temporary directory is always removed.

Fix insecure temporary file and directory creation, error checking

Merge request reports