Don't trust TMPDIR if we're setuid root. This is used only for the

backing file for an anonymous (memory based) btree, and I don't think that any setuid programs actually use it, but it is better to be safe than sorry. This has been in my tree for a long time, maybe a year or more... Inspired by: Similar changes in OpenBSD, if memory serves (like nearly a year ago)
author: imp <imp@FreeBSD.org> 1998-09-11 05:29:47 +0000
committer: imp <imp@FreeBSD.org> 1998-09-11 05:29:47 +0000
commit: be4303492781511ba097a3776fb8fe82ead48882 (patch)
tree: 0f52e25a0102333748f924027f3bea979cea4464 /lib/libc/db
parent: 62616a44cfb0ebcda627090e0f957e34c66ad16b (diff)
download: FreeBSD-src-be4303492781511ba097a3776fb8fe82ead48882.zip
FreeBSD-src-be4303492781511ba097a3776fb8fe82ead48882.tar.gz
1 files changed, 3 insertions, 2 deletions
diff --git a/lib/libc/db/btree/bt_open.c b/lib/libc/db/btree/bt_open.c
index 5fc3168..1b034ce 100644
--- a/lib/libc/db/btree/bt_open.c
+++ b/lib/libc/db/btree/bt_open.c
@@ -388,10 +388,11 @@ tmp()
 {
 	sigset_t set, oset;
 	int fd;
-	char *envtmp;
+	char *envtmp = NULL;
 	char path[MAXPATHLEN];
 
-	envtmp = getenv("TMPDIR");
+	if (issetugid() == 0)
+		envtmp = getenv("TMPDIR");
 	(void)snprintf(path,
 	    sizeof(path), "%s/bt.XXXXXX", envtmp ? envtmp : "/tmp");
author	imp <imp@FreeBSD.org>	1998-09-11 05:29:47 +0000
committer	imp <imp@FreeBSD.org>	1998-09-11 05:29:47 +0000
commit	be4303492781511ba097a3776fb8fe82ead48882 (patch)
tree	0f52e25a0102333748f924027f3bea979cea4464 /lib/libc/db
parent	62616a44cfb0ebcda627090e0f957e34c66ad16b (diff)
download	FreeBSD-src-be4303492781511ba097a3776fb8fe82ead48882.zip FreeBSD-src-be4303492781511ba097a3776fb8fe82ead48882.tar.gz