Full_Name: Chris Zagar Version: 2.4.48 OS: Linux URL: Submission from: (NULL) (68.98.212.84)
/build/mkdep contains this line:
TMP=/tmp/mkdep$$
that forces the use of the /tmp directory. The /tmp directory is vulnerable to
race conditions. The rest of OpenLDAP obeys the TMPDIR environment variable if
it exists as a mitigation to this risk. Would you please consider changing this
to:
TMP=${TMPDIR-/tmp}/mkdep$$
so this will obey TMPDIR as well?
Thank you.
Chris Zagar
[email protected]
