Bugtraq mailing list archives

XFree86 3.3.2's setup tool /tmp race


From: root () DEATH GDS RO (Adrian Voinea)
Date: Sun, 8 Nov 1998 17:55:49 +0200


Hello,

XFree86 3.3.2's setup tool 'xf86config', when it runs 'X -probeonly
-pn -xf86config /tmp/XF86Config.tmp', creates 2 files with mode 644 in
/tmp, XF86Config.tmp and dumbconfig.2, and then erases them:

<...>

Do you want me to run 'X -probeonly' now? y

It is possible that the hardware detection routines in the server will
somehow cause the system to crash and the screen to remain blank. If this
is the case, do not choose this option the next time. The server may need
a Ramdac, ClockChip or special option (e.g. "nolinear" for S3) to probe
and start-up correctly.

Press enter to continue, or ctrl-c to abort.

Running X -probeonly -pn -xf86config /tmp/XF86Config.tmp.
X -probeonly call failed.
No Clocks line inserted.

<...>

If any user links /tmp/XF86Config.tmp or /tmp/dumbconfig.2 to any file on
the system, and the root answers "y" to "Do you want me to run 'X
-probeonly' now?", the file will be overwritten. I believe the
'xf86config' included in the earlier versions of XFree86 has
this problem too. I hope the XFree86 developers will release a patch or at
least fix this problem in XFree86 3.3.3, because this is a serious
problem, because many systems use XFree86.

Regards,

Adrian Voinea
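
Added example, not part of the original post and not XFree86 code: a hardened way to create a fixed-name scratch file so that a link already sitting at that name is refused instead of followed, with a self-check that runs in a private directory. The function names, the directory template and the "victim" file are assumptions made for the illustration.

```c
#define _XOPEN_SOURCE 700
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hardened create for a fixed name: O_EXCL fails with EEXIST if anything,
 * even a dangling symlink, already sits at path; 0600 replaces mode 644. */
int create_exclusive(const char *path)
{
    return open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
}

/* Constructed check in a private directory (all names are assumptions).
 * Returns 0 if a pre-existing link is refused and its target is untouched. */
int selfcheck(void)
{
    char dir[] = "/tmp/xf86demo.XXXXXX";
    char victim[64], fixed[64], buf[8] = {0};
    struct stat st;
    int fd, rc = -1;

    if (!mkdtemp(dir)) return -1;
    snprintf(victim, sizeof victim, "%s/victim", dir);
    snprintf(fixed, sizeof fixed, "%s/XF86Config.tmp", dir);
    fd = open(victim, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (fd < 0 || write(fd, "keep", 4) != 4) goto out;
    close(fd);
    if (symlink(victim, fixed) != 0) goto out;

    fd = create_exclusive(fixed);   /* link present: must be refused */
    if (fd >= 0 || errno != EEXIST) goto out;
    fd = open(victim, O_RDONLY);
    if (fd < 0 || read(fd, buf, 4) != 4 || memcmp(buf, "keep", 4)) goto out;
    close(fd);
    unlink(fixed);
    fd = create_exclusive(fixed);   /* name free: created with mode 0600 */
    if (fd < 0 || fstat(fd, &st) != 0 || (st.st_mode & 0777) != 0600) goto out;
    close(fd);
    rc = 0;
out:
    unlink(fixed); unlink(victim); rmdir(dir);
    return rc;
}
int main(void) { return selfcheck() == 0 ? 0 : 1; }
```

Where the file name does not have to be fixed, mkstemp() gives the same exclusive-create behaviour with an unpredictable name.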


