diff options
| -rw-r--r-- | trunk/ChangeLog | 3 | ||||
| -rw-r--r-- | trunk/src/qpkg/qpkg | 6 |
2 files changed, 8 insertions, 1 deletions
diff --git a/trunk/ChangeLog b/trunk/ChangeLog index d530c47..ad0e279 100644 --- a/trunk/ChangeLog +++ b/trunk/ChangeLog @@ -1,3 +1,6 @@ +2004-10-31 Marius Mauch <genone@gentoo.org> + * qpkg: security fix for bug #68846 + 2004-10-20 Karl Trygve Kalleberg <karltk@gentoo.org> * etcat: fixed get_use_vars to get_use_flags, fixes #67349. diff --git a/trunk/src/qpkg/qpkg b/trunk/src/qpkg/qpkg index 0c06094..dd8344b 100644 --- a/trunk/src/qpkg/qpkg +++ b/trunk/src/qpkg/qpkg @@ -13,7 +13,9 @@ ID='$Id$' VERSION=0.`echo ${ID} | cut -d\ -f3` -TMP="/tmp/qpkg-${$}/" +umask 0077 + +TMP="$(mktemp -d -t qpkg-XXXXXX)" rm -rf ${TMP} mkdir -p ${TMP} @@ -228,6 +230,7 @@ ${YL}Examples${NO}: the older ones will have \"damaged\" files. ${PROG} -f /bin/ls print package(s) that own /bin/ls " + rm -rf ${TMP} exit fi @@ -292,6 +295,7 @@ fi -e "s:-[0-9].*$::" \ -e "s:\(^[^/]*/\)\(.*\):${BR}\1${CY}\2${NO}:"|uniq fi + rm -rf ${TMP} exit fi |