yzis/yzis-1.0_alpha1-logging.diff

   1 Disable log file. Fixes a symlink attack vulnerability. See Debian Bug#504680.
   2
   3 diff -Nur -x '*.orig' -x '*~' yzis-1.0~alpha1/libyzis/debug.cpp yzis-1.0~alpha1.new/libyzis/debug.cpp
   4 --- yzis-1.0~alpha1/libyzis/debug.cpp   2008-11-06 20:54:27.000000000 +0100
   5 +++ yzis-1.0~alpha1.new/libyzis/debug.cpp       2008-11-06 20:56:47.000000000 +0100
   6 @@ -112,14 +112,17 @@
   7  #ifdef DEBUG
   8      _level = YZ_DEBUG_LEVEL;
   9  #else
  10 -    _level = YZ_WARNING_LEVEL;
  11 +    _level = YZ_FATAL_LEVEL;
  12  #endif
  13
  14 +    /*
  15  #ifndef YZIS_WIN32_GCC
  16      setDebugOutput( "/tmp/yzisdebug-" + QString(getpwuid(geteuid())->pw_name) + ".log" );
  17  #else
  18      setDebugOutput( "/tmp/yzisdebug.log" );
  19  #endif
  20 +    */
  21 +    setDebugOutput( "stderr" );
  22
  23      // our message handler does not manage to display all messages. So,
  24      // it is better left off disabled at the moment. The last one gets lost