From f77df4b1c9109cb25a8c8ad974cd8613bcebcf38 Mon Sep 17 00:00:00 2001
From: MichaelDaum
Date: Tue, 11 Jul 2023 13:10:31 +0200
Subject: [PATCH] Item15198: secure default location for tmp files
---
 core/lib/Foswiki.pm | 17 +++--------------
 1 file changed, 3 insertions(+), 14 deletions(-)
diff --git a/core/lib/Foswiki.pm b/core/lib/Foswiki.pm
index 41a2a0001..dd4b0369f 100644
--- a/core/lib/Foswiki.pm
+++ b/core/lib/Foswiki.pm
@@ -46,7 +46,6 @@ use warnings;
 use Assert;
 use Cwd qw( abs_path );
 use Error qw( :try );
-use File::Spec ();
 use Monitor ();
 use CGI (); # Always required to get html generation tags;
 use Digest::MD5 (); # For passthru and validation
@@ -1828,19 +1827,9 @@ sub new {
 # Foswiki's behavior.
 $defaultUser = 'admin' if ( $Foswiki::cfg{isBOOTSTRAPPING} );

- unless ( $Foswiki::cfg{TempfileDir} ) {
-
- # Give it a sane default.
- if ( $^O eq 'MSWin32' ) {
-
- # Windows default tmpdir is the C: root use something sane.
- # Configure does a better job, it should be run.
- $Foswiki::cfg{TempfileDir} = $Foswiki::cfg{WorkingDir};
- }
- else {
- $Foswiki::cfg{TempfileDir} = File::Spec->tmpdir();
- }
- }
+ # Give it a sane default owned by the current user (see CVE-2011-4116)
+ $Foswiki::cfg{TempfileDir} = $Foswiki::cfg{WorkingDir} . '/tmp'
+ unless $Foswiki::cfg{TempfileDir};

 # Cover all the possibilities
 $ENV{TMPDIR} = $Foswiki::cfg{TempfileDir};
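Review bot: In the second hunk (inside `sub new`, whose body starts and ends outside the hunk), the new default builds `$Foswiki::cfg{WorkingDir} . '/tmp'` without checking that `WorkingDir` is set. If it is empty or undefined at this point, `TempfileDir` silently becomes `/tmp`, which is the shared, world-writable location the CVE-2011-4116 comment is trying to avoid. Whether `WorkingDir` is always populated before this line runs is not visible here, so I would fail loudly rather than fall back, for example with `die "WorkingDir must be set to derive TempfileDir" unless $Foswiki::cfg{TempfileDir} || $Foswiki::cfg{WorkingDir};` ahead of the assignment. The comment also says the directory is "owned by the current user", but nothing in the hunk creates it or checks its mode. It would help to extend the comment to say where `working/tmp` is created and that it must not be group- or world-writable.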