I was expecting some obscure bug in signature verification or something but nope it’s a basic tempfile attack, the sort most of us learned how to avoid in shell scripts decades ago.
Sadly I've barely been writing shell scripts for multiple decades, so needed to look this up.
> If an attacker pre-creates the file with relaxed access permissions, then data stored in the temporary file by the application may be accessed, modified or corrupted by an attacker.
I've coded a ton of shell scripts over the years and never actually considered this nor has anyone I know ever intentionally[1] put protections for it in their scripts so I think the original comment may be overestimating when they say "most of us"
With that said, I definitely ill be looking out for this in the future.
[1] I have unintentionally protected against this by using unique names for my temp files.
> If an attacker pre-creates the file with relaxed access permissions, then data stored in the temporary file by the application may be accessed, modified or corrupted by an attacker.
https://owasp.org/www-community/vulnerabilities/Insecure_Tem...