PTBatcher creates insecure temporary files
Bug #679095 reported by Bruno Postle
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
Hugin | Fix Released | Medium | Unassigned |
Bug Description
PTBatcher on Linux maintains a spool file at a predictable location: /tmp/~ptbt0
This allows for a symlink attack on a multi-user system; it also doesn't allow for the possibility of multiple users maintaining different spools on the same machine. The solution is to maintain the spool as a dotfile in the user's home directory, e.g. ~/.hugin-spool
Last time this happened in hugin it resulted in a CVE vulnerability being distributed: http://
I could try to fix it, but IMHO there are two ways to fix it: the first is to maintain the spool in the home directory as you've suggested; the other is to use mktemp() to create the spool in temp with a random name.
Which one should be preferred?
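Both options from the report and the comment above, as an added example that is not Hugin's or PTBatcher's code. The first function opens the per-user dotfile the report proposes (assumed to be $HOME/.hugin-spool) with O_NOFOLLOW so that a symlink planted at that path is refused rather than followed, and then checks with fstat() that the object actually opened is a regular file owned by the caller with a single link. The second function is the random-name alternative from the comment, written with mkstemp() rather than mktemp(): the C library's mktemp() only returns a name and leaves the caller to create the file, which reopens the race the report describes, while mkstemp() creates the file atomically with O_EXCL and mode 0600. The helper names, the "/tmp/ptbt.XXXXXX" template and the scratch directory that stands in for a home directory are all assumptions made for the example; the demonstration plants a symlink the way an attacker on a shared machine would and checks that the open is refused.

```c
/* Added example (not Hugin/PTBatcher code): a spool file that cannot be
 * redirected by a planted symlink, plus the mkstemp() alternative.
 * Assumed names: open_home_spool, create_tmp_spool, symlink_attack_refused. */
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

#ifndef O_CLOEXEC
#define O_CLOEXEC 0
#endif

#define SPOOL_NAME ".hugin-spool"   /* dotfile name proposed in the report */

/* Open or create HOME/.hugin-spool. O_NOFOLLOW makes open() fail with ELOOP
 * if the last path component is a symlink, so an attacker-planted link is
 * never followed. After the open, fstat() the descriptor (not the path, which
 * could be swapped meanwhile): we insist on a regular file, owned by us, with
 * one link, so a hard link to someone else's file is refused as well.
 * Returns the fd, or -1 with errno set. */
int open_home_spool(const char *home)
{
    char path[PATH_MAX];
    if (snprintf(path, sizeof path, "%s/%s", home, SPOOL_NAME) >= (int)sizeof path) {
        errno = ENAMETOOLONG;
        return -1;
    }
    int fd = open(path, O_RDWR | O_CREAT | O_NOFOLLOW | O_CLOEXEC, 0600);
    if (fd < 0)
        return -1;
    struct stat st;
    if (fstat(fd, &st) < 0 || !S_ISREG(st.st_mode) ||
        st.st_uid != geteuid() || st.st_nlink != 1) {
        close(fd);
        errno = EPERM;
        return -1;
    }
    return fd;
}

/* Random-name spool under /tmp. mkstemp() replaces the XXXXXX and creates the
 * file with O_CREAT|O_EXCL, mode 0600, in one call, so anything pre-planted at
 * the chosen name makes it try another name instead of being followed.
 * The final path is left in namebuf; the caller unlinks it when done. */
int create_tmp_spool(char *namebuf, size_t len)
{
    const char *tmpl = "/tmp/ptbt.XXXXXX";   /* assumed template */
    if (len <= strlen(tmpl)) {
        errno = ENAMETOOLONG;
        return -1;
    }
    strcpy(namebuf, tmpl);
    return mkstemp(namebuf);
}

/* Attack demonstration: in a scratch directory standing in for $HOME, plant a
 * symlink named .hugin-spool pointing at a constructed "victim" file (think
 * ~/.bashrc), then open the spool. Returns 1 if the open was refused. */
int symlink_attack_refused(void)
{
    char scratch[] = "/tmp/spooldemo.XXXXXX";
    if (mkdtemp(scratch) == NULL)
        return 0;
    char victim[PATH_MAX], lnk[PATH_MAX];
    snprintf(victim, sizeof victim, "%s/victim", scratch);
    snprintf(lnk, sizeof lnk, "%s/%s", scratch, SPOOL_NAME);
    int v = open(victim, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (v >= 0) close(v);
    if (symlink(victim, lnk) < 0)        /* the attacker's move */
        return 0;
    int fd = open_home_spool(scratch);
    int refused = (fd < 0 && errno == ELOOP);
    if (fd >= 0) close(fd);
    unlink(lnk); unlink(victim); rmdir(scratch);
    return refused;
}

/* Normal case: nothing planted, the spool is created and later reopened. */
int spool_roundtrip_ok(void)
{
    char scratch[] = "/tmp/spooldemo.XXXXXX";
    if (mkdtemp(scratch) == NULL)
        return 0;
    int fd1 = open_home_spool(scratch);   /* creates the spool */
    int fd2 = open_home_spool(scratch);   /* reopens the existing one */
    int ok = fd1 >= 0 && fd2 >= 0;
    if (fd1 >= 0) close(fd1);
    if (fd2 >= 0) close(fd2);
    char path[PATH_MAX];
    snprintf(path, sizeof path, "%s/%s", scratch, SPOOL_NAME);
    unlink(path); rmdir(scratch);
    return ok;
}

int main(void)
{
    printf("symlink attack refused: %d\n", symlink_attack_refused());
    printf("normal spool works:     %d\n", spool_roundtrip_ok());
    char name[64];
    int fd = create_tmp_spool(name, sizeof name);
    if (fd >= 0) { printf("mkstemp spool: %s\n", name); close(fd); unlink(name); }
    return 0;
}
```

The home-directory variant keeps the spool across runs, which is what a batch queue needs; the mkstemp() variant gives a fresh, unguessable file each time and so cannot serve as a persistent queue unless its name is recorded somewhere that is itself protected. Either way the fstat() checks after open() are what turn "we opened something at that path" into "we opened our own regular file".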