From 5f2a0ecae7ee45d63e4ebc4ed02cf9e006b00324 Mon Sep 17 00:00:00 2001
From: Stefan Nordhausen <nordhaus@informatik.hu-berlin.de>
Date: Sat, 3 Jan 2004 14:45:59 +0000
Subject: [PATCH] Scott James Remnant  <scott@netsplit.com>

* m4/ltmain.in: Don't use the mkdir -p option when creating a
temporary output directory so a symlink attack can't be used to
arbitrarily chmod other directories on the system if libtool
gets run as root.
---
 ChangeLog | 8 ++++++++
 ltmain.in | 2 +-
 2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/ChangeLog b/ChangeLog
index cecf1b02b..5f8797708 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,11 @@
+2004-01-03  Stefan Nordhausen  <nordhaus@informatik.hu-berlin.de>
+	Scott James Remnant  <scott@netsplit.com>
+
+	* m4/ltmain.in: Don't use the mkdir -p option when creating a
+	temporary output directory so a symlink attack can't be used to
+	arbitrarily chmod other directories on the system if libtool
+	gets run as root.
+
 2004-01-02  Peter O'Gorman  <peter@pogma.com>
 
 	* m4/libtool.m4: Ensure that ${ZSH_VERSION+set} is properly escaped.
diff --git a/ltmain.in b/ltmain.in
index edc9f8fe6..aee690b59 100644
--- a/ltmain.in
+++ b/ltmain.in
@@ -5857,7 +5857,7 @@ relink_command=\"$relink_command\""
 	      tmpdir="/tmp"
 	      test -n "$TMPDIR" && tmpdir="$TMPDIR"
 	      tmpdir="$tmpdir/libtool-$$"
-	      if $mkdir -p "$tmpdir" && chmod 700 "$tmpdir"; then :
+	      if $mkdir "$tmpdir" && chmod 700 "$tmpdir"; then :
 	      else
 		$echo "$modename: error: cannot create temporary directory \`$tmpdir'" 1>&2
 		continue
-- 
2.47.2