Imported Upstream version 0.5.4

[pkg/abook.git] / contrib / ldap-abook / ldap2abook

diff --git a/contrib/ldap-abook/ldap2abook b/contrib/ldap-abook/ldap2abook
index c86de4f85beca354426dea903f6f1eb2b0e58c0d..58b793624ce7b5cec11740431d75e17dde712717 100644 (file)
--- a/contrib/ldap-abook/ldap2abook
+++ b/contrib/ldap-abook/ldap2abook
@@ -11,6 +11,7 @@
 #
 # Author: Mariusz Balewski <M.Balewski@wp.pl>
 # 03.06.2004
+# 29.08.2005 Tried to fix insecure tempfile handling (untested)
 #
 # GPL licensed
 # Feel free to send me your comments
@@ -55,12 +56,16 @@
 ###############################
 ###############################
 
+use File::Temp qw/ :mktemp  /;
+$file = mktemp("/tmp/tmpfileXXXXXXX");
+
+
 require 'comms.pl';
 
-system("ldapsearch -h $HOST $SIMPLEAUTH $AUTHDN $PASS \"$FINDDN=*\" $BASEDN -LLL > /tmp/ldap2abook.tmp");
+system("ldapsearch -h $HOST $SIMPLEAUTH $AUTHDN $PASS \"$FINDDN=*\" $BASEDN -LLL > $file");
 
 $i=0;
-open(F1,"</tmp/ldap2abook.tmp") || die "$TMPERR";
+open(F1,"<$file") || die "$TMPERR";
 open(F2,">$DESTFILE") || die "$DESTFILEERR";
  flock(F1,8);
  flock(F2,8);
@@ -82,7 +87,7 @@ open(F2,">$DESTFILE") || die "$DESTFILEERR";
 close(F2);
 close(F1);
 
-system("rm /tmp/ldap2abook.tmp");
+unlink($file);
 
 print "\n$i ";
 print "$REPORT\n\n";