eina: fix potential security issue.

author Vincent Torri <vincent.torri@gmail.com>

Mon, 12 Oct 2015 23:11:00 +0000 (16:11 -0700)

committer Cedric BAIL <cedric@osg.samsung.com>

Tue, 13 Oct 2015 00:21:59 +0000 (17:21 -0700)
author Vincent Torri <vincent.torri@gmail.com>
Mon, 12 Oct 2015 23:11:00 +0000 (16:11 -0700)
committer Cedric BAIL <cedric@osg.samsung.com>
Tue, 13 Oct 2015 00:21:59 +0000 (17:21 -0700)
diff --git a/src/lib/eina/eina_util.c b/src/lib/eina/eina_util.c

index 886fe3b..b1d05ae 100644 (file)
--- a/src/lib/eina/eina_util.c
+++ b/src/lib/eina/eina_util.c
@@ -85,8 +85,13 @@ eina_environment_tmp_get(void)
  
     return tmp;
  #else
-   tmp = getenv("TMPDIR");
-   if (!tmp) tmp = getenv("XDG_RUNTIME_DIR");
+# if defined(HAVE_GETUID) && defined(HAVE_GETEUID)
+   if (getuid() == geteuid())
+# endif
+     {
+        tmp = getenv("TMPDIR");
+       if (!tmp) tmp = getenv("XDG_RUNTIME_DIR");
+     }
     if (!tmp) tmp = "/tmp";
  
     return tmp;
author	Vincent Torri <vincent.torri@gmail.com>
	Mon, 12 Oct 2015 23:11:00 +0000 (16:11 -0700)
committer	Cedric BAIL <cedric@osg.samsung.com>
	Tue, 13 Oct 2015 00:21:59 +0000 (17:21 -0700)