Subject: Re: pkg/23337 (ispell's munchlist is unsafe (tmp usage))
To: None <reed@netbsd.org, gnats-admin@netbsd.org, pkgsrc-bugs@netbsd.org,>
From: Jeremy C. Reed <reed@NetBSD.org>
List: pkgsrc-bugs
Date: 01/09/2006 17:25:02
The following reply was made to PR pkg/23337; it has been noted by GNATS.

From: "Jeremy C. Reed" <reed@NetBSD.org>
To: gnats-bugs@netbsd.org
Cc: 
Subject: Re: pkg/23337 (ispell's munchlist is unsafe (tmp usage))
Date: Mon, 9 Jan 2006 09:21:06 -0800 (PST)

 On Sun, 8 Jan 2006 salo@netbsd.org wrote:
 
 > ispell uses mktemp for quite some time now.
 
 In the case that mktemp fails, it is vulnerable again. Easy to make 
 it fail: just prepopulate all the possible combinations and then precreate 
 all your symlinks to have it overwrite files. (I provided different 
 patches to them back on Nov. 1, 2003.) Same problem in some other scripts 
 there too. I will email the ispell developers about this again.
 
     Jeremy C. Reed
                         ``Of course it runs NetBSD.''
                             http://www.NetBSD.org/
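
The failure mode described in the message above, shown from the defensive side as an added example (not ispell's code and not part of the original message): a script that stops when mktemp fails instead of falling back to a predictable name. The helper names make_workdir, safe_create and demo are hypothetical.

```shell
#!/bin/sh
# Added example (not ispell's code). make_workdir, safe_create and demo are
# hypothetical names.

# Create a private directory with an unpredictable name. Prints the path on
# success. On any failure it prints nothing and returns non-zero; there is
# deliberately no fallback to a guessable name such as /tmp/prefix.$$.
make_workdir() {
    prefix=$1
    dir=$(mktemp -d "${TMPDIR:-/tmp}/${prefix}.XXXXXXXXXX" 2>/dev/null) || return 1
    # Re-check the result: it must be a real directory, not a symlink.
    [ -n "$dir" ] && [ -d "$dir" ] && [ ! -L "$dir" ] || return 1
    printf '%s\n' "$dir"
}

# Create a new empty file. With noclobber (set -C) the redirect fails if the
# path is an existing regular file, a symlink to one, or a dangling symlink.
safe_create() {
    ( set -C; : > "$1" ) 2>/dev/null
}

# Caller pattern: stop as soon as the workspace cannot be created.
demo() {
    work=$(make_workdir example) || {
        echo "cannot create temporary directory, aborting" >&2
        return 1
    }
    safe_create "$work/wordlist" || { rm -rf "$work"; return 1; }
    echo "working in $work"
    rm -rf "$work"
}

demo
```

Keeping every scratch file inside the mktemp -d directory means only that one name has to be unpredictable, and the directory is created with owner-only permissions.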