eix icon indicating copy to clipboard operation
eix copied to clipboard
verified publisher icon vaeth

eix-remote fails to create temporary directory on pambase[mktemp] system

Open waptaff opened this issue 4 years ago • 4 comments

Hi.

The mktemp flag on sys-auth/pambase allows the per-user /tmp directory feature (for instance, user fred has TMP and TMPDIR set to /tmp/.private/fred).

Running eix-remote as root gives this error:

mktemp: failed to create directory via template ‘/tmp/.private/root/eix-remote.XXXXXXXX’: Permission denied
 * cannot create temporary directory

I suspect this error is happening because eix-drop-permissions does not involve PAM hence does not reset TMP and TMPDIR.

Perhaps the ${TMPDIR:-/tmp} constructs in /usr/share/eix/eix-functions should be updated to first check if TMPDIR is read/writable.

waptaff avatar Feb 08 '22 20:02 waptaff

It is the caller's responsibility to pass a sane value as TMPDIR. Trying to outsmart the user by re-interpreting that value is calling for trouble and perhaps even opens some attack surface on some systems due to such surprising behavior.

vaeth avatar Feb 08 '22 20:02 vaeth