From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:36008) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1anpVE-0006LS-AN for qemu-devel@nongnu.org; Wed, 06 Apr 2016 11:36:21 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1anpVD-00082I-FQ for qemu-devel@nongnu.org; Wed, 06 Apr 2016 11:36:20 -0400 References: <1459848109-29756-1-git-send-email-silbe@linux.vnet.ibm.com> <1459848109-29756-2-git-send-email-silbe@linux.vnet.ibm.com> From: Max Reitz Message-ID: <57052CEB.6030305@redhat.com> Date: Wed, 6 Apr 2016 17:36:11 +0200 MIME-Version: 1.0 In-Reply-To: <1459848109-29756-2-git-send-email-silbe@linux.vnet.ibm.com> Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="fUdA9U5oMQqBgMo7VGIWwJJQplln3BKXQ" Subject: Re: [Qemu-devel] [Qemu-block] [PATCH 1/7] qemu-iotests: check: don't place files with predictable names in /tmp List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Sascha Silbe , qemu-devel@nongnu.org, qemu-block@nongnu.org, Kevin Wolf Cc: Tu Bo This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --fUdA9U5oMQqBgMo7VGIWwJJQplln3BKXQ Content-Type: multipart/mixed; boundary="5RmIxKp5xICB26CNQSWcwM3GS9XL24pFk" From: Max Reitz To: Sascha Silbe , qemu-devel@nongnu.org, qemu-block@nongnu.org, Kevin Wolf Cc: Tu Bo Message-ID: <57052CEB.6030305@redhat.com> Subject: Re: [Qemu-block] [PATCH 1/7] qemu-iotests: check: don't place files with predictable names in /tmp References: <1459848109-29756-1-git-send-email-silbe@linux.vnet.ibm.com> <1459848109-29756-2-git-send-email-silbe@linux.vnet.ibm.com> In-Reply-To: <1459848109-29756-2-git-send-email-silbe@linux.vnet.ibm.com> --5RmIxKp5xICB26CNQSWcwM3GS9XL24pFk Content-Type: text/plain; charset=iso-8859-15 Content-Transfer-Encoding: quoted-printable On 05.04.2016 11:21, Sascha Silbe wrote: > Placing files with predictable or even hard-coded names in /tmp is a > security risk and can prevent or disturb operation on a multi-user > machine. Place them inside the "scratch" directory instead, as we > already do for most other test-related files. >=20 > Signed-off-by: Sascha Silbe > Reviewed-by: Bo Tu > --- > tests/qemu-iotests/check | 21 +++++++++++---------- > 1 file changed, 11 insertions(+), 10 deletions(-) Nice side effect: With this patch it's possible to run multiple instances of the iotests in parallel (for different formats/protocols) without them interfering with each other. Grepping for '/tmp' in the iotests directory yields more occurrences, however: Many tests set the tmp variable to /tmp/$$. Let's see whether we can just remove that or have to replace it by "${TEST_DIR}"/$$. "common.filter" evaluates $tmp, but the single filter that does so is actually never used any more. Other than that, only "common" evaluates it, but "common" is sourced by "check". Thus I think those tests setting $tmp is superfluous and dropping it should be fine. For this patch: Reviewed-by: Max Reitz You decide whether you want to drop the tmp=3D/tmp/$$ lines in the tests in a dedicated (follow-up) patch or include it here. Max --5RmIxKp5xICB26CNQSWcwM3GS9XL24pFk-- --fUdA9U5oMQqBgMo7VGIWwJJQplln3BKXQ Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAEBCAAGBQJXBSzrAAoJEDuxQgLoOKytXuQIAIP0au5PXe2W6e0SPG6N71ag KOujCthcIq2jqCjCbjGLMWPO94/R0KN2yrdNFodBTDp3vlXtaYGFt1DJxN0TLhEz 7XFYq0Zj9i1ePuk+FWA1qpEXBhZZo/d1FlrsboInlwcwxYgtN3nIYVZax5Lyszw5 i/5wfSd1J9t80it6/vTkLDJptPyWV1EQiWqNn12OSajvLCCkBgR24h4zg3o+snXa dpNJU6ZB7TBjUzHa62BKSD6ElGJWnaEqbcwNWsKCXG1FnVqiX5jTbFFmbnVDePOE 74pxJN+0tBz1TREZHFGm1uRy8O5bL8ESsyFnCaDFXXqynGVGmAcpIeBLp+/lgnM= =fySX -----END PGP SIGNATURE----- --fUdA9U5oMQqBgMo7VGIWwJJQplln3BKXQ--