[Bug 6655] sa-update might DOS mirrors if TMPDIR unwritable

[bu...@bugzilla.spamassassin.org]

https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6655

--- Comment #1 from Michael Scheidell <sc...@secnap.net> 2011-08-26 21:19:45 UTC ---
Created attachment 4957
  --> https://issues.apache.org/SpamAssassin/attachment.cgi?id=4957
patch doublechecks dir existance and write perms.

without patch, it does, well, nothing good.

add patch:
first, tested on nonexistant dir:

set TMPDIR=/TMPDIR
sa-update -D

ug 26 17:06:12.617 [87393] dbg: gpg: found /usr/local/bin/gpg
Aug 26 17:06:12.617 [87393] dbg: gpg: release trusted key id list:
5E541DC959CB8BAC7C78DFDC4056A61A5244EC45
26C900A46DD40CD5AD24F6D7DEE01987265FA05B
0C2B1D7175B852C64B3CDC716C55397824F434CE
Could not open /TMPDIR: No such file or directory at
/usr/local/lib/perl5/site_perl/5.10.1/Mail/SpamAssassin/Util.pm line 1027.


then, set path to readonly dir:

cd /usr/bin
# touch t.t
touch: t.t: Read-only file system
# TMPDIR=/usr/bin
# export TMPDIR

til: secure_tmpfile failed to create file
'/usr/bin/.spamassassin89328CaYVrOtmp': Read-only file system
Aug 26 17:15:16.676 [89328] info: error closing
/usr/bin/.spamassassin89328CaYVrOtmp: Bad file descriptor
util: secure_tmpfile failed to create file, giving up at
/usr/local/lib/perl5/site_perl/5.10.1/Mail/SpamAssassin/Util.pm line 1066.
fatal: could not create temporary channel content file:

-- 
Configure bugmail: https://issues.apache.org/SpamAssassin/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.