Paul,

Thanks for this.

On Sat, Jul 19, 2025 at 10:58:02AM +0200, Paul Gevers wrote:
> On Sat, 12 Jul 2025 15:38:41 +0100 Mark Hindley <[email protected]> wrote:
> > +   # Remove any timestamp to force regeneration of all scripts.
> > +   rm -f /var/tmp/${DPKG_MAINTSCRIPT_PACKAGE}.stamp
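
Review bot: the `rm -f` line targets a fixed, guessable name in /var/tmp, a directory any local user can write to, so after this removal another user can recreate that name (as a file or a symlink) with an mtime of their choosing before the stamp is next consulted. Consider keeping the stamp in a directory only root can write, for example under /var/lib/, and quote the expansion: "/var/tmp/${DPKG_MAINTSCRIPT_PACKAGE}.stamp".
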
> 
> This is a very predictable path. Normally those have security concerns as
> anybody on the system can create this file between here and where it's used.
> Were those considered? (I haven't checked the code, I only read the patch
> here).

I did think about it when I first used that path: only the mtime of the .stamp
file is used (passed to find's -ctime option). I couldn't think of an adverse
security implication. Although, maybe I am not sufficiently imaginative? What
have I missed or not considered?

Mark
