author | Joey Hess <joeyh@debian.org> | 2009-01-21 13:06:19 -0500 |
---|---|---|
committer | Manoj Srivastava <srivasta@debian.org> | 2009-01-23 11:19:38 -0600 |
commit | 29fbb69e7ecd6ad558edc4e2ca577338808b6310 (patch) | |
tree | 5a52f2808e9aca125118acf5254b5103bf205d13 /ucf | |
parent | 8e5401a768d9b9a7a2e83046180506daa402462a (diff) |
reset diff question after use so contents are not written to disk
Debconf does not use world readable "temporary internal files" as Manoj
hypothesises. Data is only written to disk if it is left in the debconf
database when the frontend (ucf) exits.
Tightening the permissions on the debconf database would break several
things including use of debconf-show in reportbug.
From 27b3c41c531016ffa506987bf4a856345992a204 Mon Sep 17 00:00:00 2001
From: Joey Hess <joey@gnu.kitenet.net>
Date: Wed, 21 Jan 2009 13:03:55 -0500
Subject: [PATCH] reset diff question after use so contents are not written to disk
Closes: Bug#511893 (ucf stores diff (of private files) in debconf
(world readable))
Signed-off-by: Manoj Srivastava <srivasta@debian.org>
Diffstat (limited to 'ucf')
-rwxr-xr-x | ucf | 7 |
1 files changed, 5 insertions, 2 deletions
@@ -71,11 +71,14 @@ show_diff() { if [ "$DEBCONF_OK" = "YES" ] && [ "$DEBIAN_HAS_FRONTEND" ]; then templ=ucf/show_diff db_capb escape - db_reset $templ db_subst $templ DIFF "$(printf %s "$DIFF" | debconf-escape -e)" db_input critical $templ || true - db_go + db_go || true db_get $templ + # may contain sensitive information, so clear + # immediatly after use so it is never written + # to disk + db_reset $templ db_capb else echo "$DIFF" | sensible-pager |
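Review bot: The cleanup added after `db_get $templ` is only `db_reset $templ`, but the diff enters debconf through `db_subst $templ DIFF "$(...)"`, so please confirm that the reset also drops the DIFF substitution and not just the question's value and seen flag. If it does not, the diff text is still in the database when ucf exits, which is the case the commit message says leads to it being written to disk. Setting the substitution back to empty (`db_subst $templ DIFF ""`) just before the reset would make the intent explicit either way. The reset is also reached only if the function runs to the end: `db_go || true` covers a failing `db_go`, but an interruption between `db_subst` and `db_reset` would leave the diff in place, so a trap that performs the same cleanup is worth considering. Small point: "immediatly" in the new comment should be "immediately".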