[Pkg-clamav-devel] Lintian override (Was: Re: repo set up)

Stephen Gran sgran at debian.org
Sun Sep 7 23:45:43 UTC 2008 

This one time, at band camp, Michael Tautschnig said:
> > I just pushed one change, please check if I did this right and not break anything. :-)
> > 
> > Had a conflict in between, git crash course.
> > 
> 
> To me, things look fine.
> 
> As you started cleaning out the lintian warnings: We also have a warning about
> insecure tmp usage, because of that line in the clamav-base postinst:
> 
> [ -z "$TemporaryDirectory" ] && TemporaryDirectory='/tmp'
> 
> Most probably, mktemp -d would be the safe variant. Should we do so, or is there
> some problem involved in doing so? (The directory created by mktemp -d won't
> persist reboots...) If the latter is the case, we should probably add a lintian
> override.

Yes, the main problem is that the directory will go away on reboots -
that variable is only needed for the config file generation stuff, and
not actually used in the script.  Telling the various daemons to use
directories that disappear out from under them will probably not add
robustness :)

ClamAV already uses a (locally written, sigh) mktemp variant for files
under /tmp.  Probably in this case, a lintian override would be useful,
but I didn't want to do it before, on the off chance that it overrode a
real issue that I introduced later.  Probably this is not a real issue,
but when working alone, you can get a little paranoid.

Cheers,
-- 
 -----------------------------------------------------------------
|   ,''`.                                            Stephen Gran |
|  : :' :                                        sgran at debian.org |
|  `. `'                        Debian user, admin, and developer |
|    `-                                     http://www.debian.org |
 -----------------------------------------------------------------
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/pkg-clamav-devel/attachments/20080908/2fa4e679/attachment.pgp

More information about the Pkg-clamav-devel mailing list