Lintian ReportsBETA

Wpossibly-insecure-handling-of-tmp-files-in-maintainer-script

Tag versions

The tag is present in Lintian version 2.109.24. That is the most recent version we know about.

The named maintainer script appears to access a file or a directory in /tmp or a similar folder for temporary data. Working directly in such folders, which are usually world-writable, can easily lead to serious security or privacy bugs.

Please consider using the mktemp utility from the coreutils package when creating temporary files or directories.

Please refer to Debian Policy Manual section 10.4 for details.

Visibility: warning

Check: maintainer-scripts/temporary-files

The following 13 source packages in the archive triggered the tag 27 times.

There were no overrides.