I noticed bashbug attempts creating a temp file first with mktemp, and then falls back to tempfile, and then to just using its own $TMPDIR/bbug.$$.
A malicious user could attempt prepopulating bogus files to make it so that mktemp and tempfile fail, and create many symlinks covering your PID range for the $TMPDIR/bbug.$$ to point to your important files.

I see bashbug.sh does remove the temp file name it chose and then overwrites it. It has a comment:

    # this is raceable unless (hopefully) we used mktemp(1) or tempfile(1)

Maybe as a third choice use the temp file creation from your configure script as an idea. Use umask 077 and create a directory; then a user can't place symlinks in it.

Jeremy C. Reed
technical support & remote administration
http://www.pugetsoundtechnology.com/

_______________________________________________
Bug-bash mailing list
Bug-bash@gnu.org
http://lists.gnu.org/mailman/listinfo/bug-bash
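
Added example (not part of the original message and not bashbug's own code): one way to implement the suggested third choice, a private directory created under umask 077, so that a symlink pre-planted at the predictable name is skipped instead of followed. The function name make_private_tmpfile and the file name "report" are hypothetical, and the tempfile(1) step is left out for brevity.

```shell
#!/bin/sh
# Added example, not bashbug's code. make_private_tmpfile and the file name
# "report" are hypothetical names chosen for this illustration.

# make_private_tmpfile PREFIX
# Prints the path of a newly created file that only the caller can reach.
make_private_tmpfile() {
    prefix=$1
    base=${TMPDIR:-/tmp}

    # First choice: mktemp(1) picks an unpredictable name and creates it itself.
    if f=$(mktemp "$base/$prefix.XXXXXX" 2>/dev/null) && [ -n "$f" ]; then
        printf '%s\n' "$f"
        return 0
    fi

    # Fallback: a private directory instead of a bare $TMPDIR/prefix.$$ file.
    # mkdir fails if the name already exists, and it does not follow a symlink
    # planted at that name, so a pre-created entry is skipped, never reused.
    n=0
    while [ "$n" -lt 100 ]; do
        d="$base/$prefix.$$.$n"
        if (umask 077 && mkdir "$d") 2>/dev/null; then
            f="$d/report"
            # set -C (noclobber) makes the redirection fail if the file exists.
            if (umask 077 && set -C && : > "$f") 2>/dev/null; then
                printf '%s\n' "$f"
                return 0
            fi
            rmdir "$d" 2>/dev/null || :
        fi
        n=$((n + 1))
    done

    echo "cannot create a private temp file under $base" >&2
    return 1
}

# Usage: tmp=$(make_private_tmpfile bbug) || exit 1
```

The directory is mode 0700 and owned by the caller, so other users cannot create entries inside it after the mkdir succeeds.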