diff options
| -rw-r--r-- | src/edit_pkg_hier.cc | 14 |
1 files changed, 8 insertions, 6 deletions
diff --git a/src/edit_pkg_hier.cc b/src/edit_pkg_hier.cc index 7189580e..213a97f6 100644 --- a/src/edit_pkg_hier.cc +++ b/src/edit_pkg_hier.cc @@ -1,6 +1,6 @@ // edit_pkg_hier.cc // -// Copyright (C) 2000-2001, 2004-2006 Daniel Burrows +// Copyright (C) 2000-2001, 2004-2006, 2011 Daniel Burrows // // This program is free software; you can redistribute it and/or // modify it under the terms of the GNU General Public License as @@ -332,18 +332,20 @@ bool hier_editor::handle_key(const cw::config::key &k) if(cw::config::global_bindings.key_matches(k, "SaveHier")) { string homedir = get_homedir(); - string cfgfile; if(homedir.empty()) { - show_message(_("Unable to look up your home directory, saving to /tmp/function_pkgs!"), + // This normally will not happen. Don't default to a fixed + // filename to prevent symlink attacks. (Debian bug #612034) + show_message(_("Unable to look up your home directory!"), NULL, cw::get_style("Error")); - cfgfile = "/tmp/function_pkgs"; } else - cfgfile = homedir + "/.aptitude/function_pkgs"; - save_hier(cfgfile); + { + string cfgfile = homedir + "/.aptitude/function_pkgs"; + save_hier(cfgfile); + } } else if(cw::config::global_bindings.key_matches(k, "Quit")) { |