Changeset 1644 in MondoRescue for branches/2.2.5/mondo/src/mondoarchive/main.c

Timestamp:

Sep 23, 2007, 2:41:29 AM (17 years ago)

Author:

Bruno Cornec

Message:

Apply patch from Andree Leidenfrost, modified a bit to use bkpinfo->tmpdir instead of /tmp
or MINDI_CACHE when appropriate. Fix security issues in mondo
Thanks al ot Andree for catching all those issues.
Will not compile needs more work as bkpinfo->tmpdir isn't available everywhere
Should become a global in 3.x when only containing pointers.

File:

• branches/2.2.5/mondo/src/mondoarchive/main.c (modified) (4 diffs)

branches/2.2.5/mondo/src/mondoarchive/main.c

@@ -506 +506 @@
     }
 
-
-    if (length_of_file("/tmp/changed.files") > 2) {
+    if (length_of_file(MINDI_CACHE"/changed.files") > 2) {
         if (g_text_mode) {
-            log_to_screen
-                ("Type 'less /tmp/changed.files' to see which files don't match the archives");
-        } else {
-            log_msg(1,
-                    "Type 'less /tmp/changed.files' to see which files don't match the archives");
+            log_to_screen("Type 'less "MINDI_CACHE"/changed.files' to see which files don't match the archives");
+        } else {
+            log_msg(1, "Type 'less "MINDI_CACHE"/changed.files' to see which files don't match the archives");
             log_msg(2, "Calling popup_changelist_from_file()");
-            popup_changelist_from_file("/tmp/changed.files");
+            popup_changelist_from_file(MINDI_CACHE"/changed.files");
             log_msg(2, "Returned from popup_changelist_from_file()");
         }
     } else {
-        unlink("/tmp/changed.files");
+        unlink(MINDI_CACHE"/changed.files");
     }
     log_to_screen(say_at_end);
@@ -529 +526 @@
 
     system("rm -f /var/cache/mondo-archive/last-backup.aborted");
-    system("rm -Rf /tmp.mondo.* /mondo.scratch.*");
     if (!retval) {
         printf("Mondoarchive ran OK.\n");
@@ -540 +536 @@
     chdir("/tmp");              // just in case there's something wrong with g_erase_tmpdir_and_scratchdir
     system(g_erase_tmpdir_and_scratchdir);
+
+    /* assemble comand string for deletion of Mondo's tmp directory */
+    sprintf(tmp, "rm -Rf %s", bkpinfo->tmpdir);
+    
     free_libmondo_global_strings();
     paranoid_free(say_at_end);
-    paranoid_free(tmp);
     paranoid_free(bkpinfo);
-
-    unlink("/tmp/filelist.full");
-    unlink("/tmp/filelist.full.gz");
 
     if (!g_cdrom_drive_is_here) {
@@ -557 +553 @@
     /* finalize log file with time stamp */
     log_msg(0, "Time finished: %s", mr_date());
+
+    /* remove Mondo's tmp directory */
+    system(tmp); 
+    paranoid_free(tmp);
 
     if (!g_text_mode) {