Skip Menu |

Preferred bug tracker

Please visit the preferred bug tracker to report your issue.

This queue is for tickets about the Mail-Audit CPAN distribution.

Report information
The Basics
Id: 1794
Status: resolved
Priority: 0/
Queue: Mail-Audit
People
Owner: Nobody in particular
Requestors: lumpy+cpan [...] the.whole.net
Cc:
AdminCc:
Bug Information
Severity: Important
Broken in: (no value)
Fixed in: (no value)

History Show all quoted text
  Sun Nov 17 17:51:53 2002 Guest - Ticket created
Subject: Insecure /tmp usage in Mail::Audit
I was just about to reinstall Mail::Audit on a server that had a much older version. I noticed that in the current code, it creates terribly insecure temporary files that can no doubt be raced by users to do nasty things. $MIME_PARSER_TMPDIR = "/tmp/".getpwuid($>)."-mailaudit"; ... mkdir ($MIME_PARSER_TMPDIR, 0777); if (! -d $MIME_PARSER_TMPDIR) { $MIME_PARSER_TMPDIR = "/tmp" } $parser->output_under($MIME_PARSER_TMPDIR); I just thought it was worth reporting, but Mail::Audit is fantastic. thanks for writing it.
  Sun Jul 16 15:54:30 2006 rjbs [...] cpan.org - Correspondence added
fixed in subversion-- rjbs
  Sun Jul 16 15:54:31 2006 The RT System itself - Status changed from 'new' to 'open'
  Sun Jul 16 15:54:33 2006 rjbs [...] cpan.org - Status changed from 'open' to 'resolved'