401211: snmptrapd when using traphandlers defaults to /tmp for temp files, breaks selinux rules Written-By: Jan Safranek <jsafrane@redhat.com> Use /var/run/net-snmp for temporary files instead of /tmp, which could be attacked by evil user. --- net-snmp-5.3.1/include/net-snmp/net-snmp-config.h.in.orig 2006-05-26 18:36:06.000000000 +0200 +++ net-snmp-5.3.1/include/net-snmp/net-snmp-config.h.in 2007-12-10 11:11:42.000000000 +0100 @@ -144,7 +144,7 @@ #define UNAMEPROG "/bin/uname" /* pattern for temporary file names */ -#define NETSNMP_TEMP_FILE_PATTERN "/tmp/snmpdXXXXXX" +#define NETSNMP_TEMP_FILE_PATTERN "/var/run/snmpd/snmpdXXXXXX" /* testing code sections. */ #undef SNMP_TESTING_CODE --- net-snmp-5.3.1/acconfig.h.orig 2006-05-26 18:36:06.000000000 +0200 +++ net-snmp-5.3.1/acconfig.h 2007-12-10 11:11:31.000000000 +0100 @@ -144,7 +144,7 @@ #define UNAMEPROG "/bin/uname" /* pattern for temporary file names */ -#define NETSNMP_TEMP_FILE_PATTERN "/tmp/snmpdXXXXXX" +#define NETSNMP_TEMP_FILE_PATTERN "/var/run/snmpd/snmpdXXXXXX" /* testing code sections. */ #undef SNMP_TESTING_CODE