wakeup uses temporary files insecurly in multiple places in the code.
e.g. this code in data/scripts/wakeup:67 is probably exploitable to place abitrary code into roots crontab. tmpfile=/tmp/wake eval "$dosudo crontab -l >$tmpfile" snoozetime=$(date -d "+$snooze min" "+%M %H %d %m %w") echo "$snoozetime /usr/bin/wakeup $1 $2 >/dev/null 2>&1"\ "#entered by setnextalarm" >>$tmpfile eval "$dosudo crontab $tmpfile; rm $tmpfile"
there also many uses os.system which could be a problem, but I did not check if any of them are exploitable.
wakeup uses temporary files insecurly in multiple places in the code.
e.g. this code in data/scripts/ wakeup: 67 is probably exploitable to place abitrary code into roots crontab.
tmpfile= /tmp/wake
snoozetime =$(date -d "+$snooze min" "+%M %H %d %m %w")
"#entered by setnextalarm" >>$tmpfile
eval "$dosudo crontab -l >$tmpfile"
echo "$snoozetime /usr/bin/wakeup $1 $2 >/dev/null 2>&1"\
eval "$dosudo crontab $tmpfile; rm $tmpfile"
there also many uses os.system which could be a problem, but I did not check if any of them are exploitable.