Create temporary files securely.

diff --git a/contrib/findoidjoins/make_oidjoins_check b/contrib/findoidjoins/make_oidjoins_check
index 5106eb1bfd940c1aefdb59852745616158ba89ad..4fc9e61875e080d915bfd80d18b044de58d3f132 100755 (executable)
--- a/contrib/findoidjoins/make_oidjoins_check
+++ b/contrib/findoidjoins/make_oidjoins_check
@@ -10,12 +10,23 @@
 # Caution: you may need to use GNU awk.
 AWK=${AWK:-awk}
 
-INPUTFILE="tmp$$a"
-DUPSFILE="tmp$$b"
-NONDUPSFILE="tmp$$c"
-rm -f $INPUTFILE $DUPSFILE $NONDUPSFILE
+TMP="/tmp/$$"
+trap "rm -rf $TMP" 0 1 2 3 15
 
-trap "rm -f $INPUTFILE $DUPSFILE $NONDUPSFILE" 0 1 2 3 15
+# Create a temporary directory with the proper permissions so no one can
+# intercept our temporary files and cause a security breach.
+OMASK="`umask`"
+umask 077
+if ! mkdir $TMP
+then   echo "Can't create temporary directory $TMP." 1>&2
+       exit 1
+fi
+umask "$OMASK"
+unset OMASK
+
+INPUTFILE="$TMP/a"
+DUPSFILE="$TMP/b"
+NONDUPSFILE="$TMP/c"
 
 # Read input
 cat "$@" >$INPUTFILE