vuln-fix: Temporary Directory Hijacking or Information Disclosure

This fixes either Temporary Directory Hijacking, or Temporary Directory Local Information Disclosure.

Weakness: CWE-379: Creation of Temporary File in Directory with Insecure Permissions
Severity: High
CVSSS: 7.3
Detection: CodeQL & OpenRewrite (https://public.moderne.io/recipes/org.openrewrite.java.security.UseFilesCreateTempDirectory)

Reported-by: Jonathan Leitschuh <[email protected]>
Signed-off-by: Jonathan Leitschuh <[email protected]>

Bug-tracker: JLLeitschuh/security-research#10


Co-authored-by: Moderne <[email protected]>

Author: JLLeitschuh

src/main/java/org/jenkinsci/test/acceptance/docker/Docker.java

@@ -10,6 +10,7 @@
 import java.io.InputStream;
 import java.net.URISyntaxException;
 import java.net.URL;
+import java.nio.file.Files;
 import java.util.Collections;
 import java.util.Enumeration;
 import java.util.List;
@@ -154,9 +155,7 @@ public DockerImage build(Class<? extends DockerContainer> fixture, File log) thr
                 throw new AssertionError(fixture + " is missing @DockerFixture");
             }
 
-            File dir = File.createTempFile("Dockerfile", "dir");
-            dir.delete();
-            dir.mkdirs();
+            File dir = Files.createTempDirectory("Dockerfile" + "dir").toFile();
             try {
                 copyDockerfileDirectory(fixture, f, dir);
                 return build("jenkins/" + f.id(), dir, log);