From f9a70b516520aae19848753f34c0076d7c6bf5e9 Mon Sep 17 00:00:00 2001
From: Pascal Stumpf <Pascal.Stumpf@cubes.de>
Date: Tue, 23 Jul 2013 00:59:23 +0200
Subject: [PATCH] SECURITY fix for dtappintegrate: Use mktemp(1) to generate a
 template.

Using a fixed filename in /tmp is just begging for a symlink attack ...
---
 cde/programs/dtappintegrate/dtappintegrate.src | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/cde/programs/dtappintegrate/dtappintegrate.src b/cde/programs/dtappintegrate/dtappintegrate.src
index 6a4f8ab6..3006a87d 100755
--- a/cde/programs/dtappintegrate/dtappintegrate.src
+++ b/cde/programs/dtappintegrate/dtappintegrate.src
@@ -300,7 +300,7 @@ FRONTPANEL_FILES=*.fp
 APPMAN_FILES="(*)"
 
 ID=$(id)
-LOGFILE=/tmp/dtappint.log
+LOGFILE=$(mktemp /tmp/dtappint.logXXXXXXXXXXXXXXXX)
 PATH=CDE_INSTALLATION_TOP/bin:/usr/bin
 
 XCOMM -------------------------------------------------------------------
-- 
2.25.1