[Freewx-maint] Bug#775462: python-wxgtk3.0: wx.build.config: insecure use of /tmp

Jakub Wilk jwilk at debian.org
Thu Jan 15 21:35:47 UTC 2015

Package: python-wxgtk3.0
Tags: security

This is how wx.build.config uses temporary files:

                    xmltemp = tempfile.mktemp('.xml')

                    # First run swig to produce the XML file, adding
                    # an extra -D that prevents the old rename
                    # directives from being used
                    cmd = [ swig_cmd ] + swig_args + \
                          [ '-DBUILDING_RENAMERS', '-xmlout', xmltemp ] + \
                          ['-I'+dir, '-o', cpp_file, i_file]
                    msg(' '.join(cmd))

This is insecure, because mktemp() returns just a filename, without
creating the file on disk. From the documentation: "Use of this function
may introduce a security hole in your program. By the time you get
around to doing anything with the file name it returns, someone else may
have beaten you to the punch."
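For illustration (added here, not code from wx.build.config or from this report), the following compares the mktemp() pattern with mkstemp(), which claims the name and creates the file in one atomic step with O_CREAT|O_EXCL and mode 0600, and shows what O_EXCL does when the path is already taken. It uses only the standard library; the .xml suffix mirrors the swig -xmlout use above.

```python
import os
import stat
import tempfile


def insecure_xml_temp():
    # The pattern from wx.build.config: mktemp() only chooses a name.
    # Nothing exists on disk yet, so the window between this call and
    # the first open() of the path is where another local user could
    # place a file or symlink there.
    path = tempfile.mktemp('.xml')
    return os.path.exists(path)          # False: a name, no inode


def secure_xml_temp():
    # mkstemp() creates the file itself (O_CREAT|O_EXCL, mode 0600),
    # so the name is never handed out without the file backing it.
    # The returned path can then be passed to swig via -xmlout.
    fd, path = tempfile.mkstemp(suffix='.xml')
    os.close(fd)
    mode = stat.S_IMODE(os.stat(path).st_mode)
    existed = os.path.exists(path)
    os.unlink(path)
    return existed, mode                 # (True, 0o600)


def open_exclusively(path):
    """Create path ourselves or refuse. With O_EXCL the open fails if
    anything is already at that path, including a dangling symlink."""
    try:
        fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    except FileExistsError:
        return False
    os.close(fd)
    return True


def demo_exclusive_create():
    # A path that is already occupied cannot be taken over; once it is
    # free again, the exclusive create succeeds and the file is ours.
    fd, path = tempfile.mkstemp(suffix='.xml')
    os.close(fd)
    taken = open_exclusively(path)       # False: already occupied
    os.unlink(path)
    free = open_exclusively(path)        # True: created by us
    os.unlink(path)
    return taken, free
```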

Jakub Wilk

