From be4303492781511ba097a3776fb8fe82ead48882 Mon Sep 17 00:00:00 2001 From: imp Date: Fri, 11 Sep 1998 05:29:47 +0000 Subject: Don't trust TMPDIR if we're setuid root. This is used only for the backing file for an anonymous (memory based) btree, and I don't think that any setuid programs actually use it, but it is better to be safe than sorry. This has been in my tree for a long time, maybe a year or more... Inspired by: Similar changes in OpenBSD, if memory serves (like nearly a year ago) --- lib/libc/db/btree/bt_open.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'lib/libc') diff --git a/lib/libc/db/btree/bt_open.c b/lib/libc/db/btree/bt_open.c index 5fc3168..1b034ce 100644 --- a/lib/libc/db/btree/bt_open.c +++ b/lib/libc/db/btree/bt_open.c @@ -388,10 +388,11 @@ tmp() { sigset_t set, oset; int fd; - char *envtmp; + char *envtmp = NULL; char path[MAXPATHLEN]; - envtmp = getenv("TMPDIR"); + if (issetugid() == 0) + envtmp = getenv("TMPDIR"); (void)snprintf(path, sizeof(path), "%s/bt.XXXXXX", envtmp ? envtmp : "/tmp"); -- cgit v1.1