Bug #41321 for MediaWiki: Predictable filename in /tmp/

RT for rt.cpan.org

This queue is for tickets about the MediaWiki CPAN distribution.

Report information

The Basics

Id:	41321
Status:	new
Priority:	0/
Queue:	MediaWiki

People

Owner:	Nobody in particular
Requestors:	ANDK [...] cpan.org
Cc:
AdminCc:

Bug Information

Severity:	Important
Broken in:	1.13
Fixed in:	(no value)

History Show all quoted text

Sun Nov 30 13:20:43 2008 ANDK [...] cpan.org - Ticket created

Subject:

Predictable filename in /tmp/

One of the tests in MediaWiki-1.13 creates a file /tmp/mediawiki.msg Predictable files in /tmp/ are a security issue and should by all means be avoided. There are race conditions that can be exploited when users run the tests a root. Besides, it would be polite to clean up the /tmp/ directory at the end of the tests. Thanks,