perl-OSSEC-scripts-0.1-alt1.noarch	unsafe-tmp-usage-in-scripts	fail	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/bin/ossec-update-rules-database.pl: $ grep /tmp/ /usr/bin/ossec-update-rules-database.pl warn($i . " not found\n"); } else { readpipe("echo \"<root>\" > /tmp/".$i->textContent); readpipe("cat " . $ossec->ossecPath() . "/rules/" . $i->textContent . ">> /tmp/".$i->textContent); readpipe("echo \"</root>\" >> /tmp/".$i->textContent); readpipe("sed '/pcre2/d' /tmp/".$i->textContent ); open(my $fh, '<', "/tmp/" . $i->textContent); binmode $fh; my $ruleFile; my $parser = XML::LibXML->new; $parser->set_option("pedantic_parser",0);;