--- etc/faxaddmodem.sh.in
+++ etc/faxaddmodem.sh.in	1998/09/23 13:53:29
@@ -85,9 +85,15 @@
     exit 1
 fi
 
+# security
+TMPDIR=/tmp/.faxaddmodem$$
+umask 077
+rm -rf $TMPDIR
+mkdir $TMPDIR || exit 1
+
 SH=$SCRIPT_SH			# shell for use below
 CPATH=$SPOOL/etc/config		# prefix of configuration file
-OUT=/tmp/addmodem$$		# temp file in which modem output is recorded
+OUT=$TMPDIR/addmodem$$         # temp file in which modem output is recorded
 SVR4UULCKN=$LIBEXEC/lockname	# SVR4 UUCP lock name construction program
 ONDELAY=$LIBEXEC/ondelay	# prgm to open devices blocking on carrier
 CAT="$CAT -u"			# something to do unbuffered reads and writes
@@ -219,7 +225,7 @@
 done
 
 JUNK="$OUT"
-trap "$RMCMD \$JUNK; exit 1" 0 1 2 15
+trap "$RMCMD \$JUNK; $RMCMD -r $TMPDIR; exit 1" 0 1 2 15
 
 if [ ! -d $UUCP_LOCKDIR ]; then
     cat<<EOF
@@ -656,7 +662,7 @@
 # Prompt user for server-related configuration parameters
 # and do consistency checking on what we get.
 #
-PROMPTS=/tmp/faxpr$$
+PROMPTS=$TMPDIR/faxpr$$
 JUNK="$JUNK $PROMPTS"
 while isNotOK $ok; do
     if [ "$ok" != skip ]; then
@@ -832,12 +838,11 @@
 	echo ""
 	echo "Hmm, something seems to be hung, check your modem eh?"
      done)& nagpid=$!
-    trap "$RMCMD \$JUNK; kill $nagpid \$catpid; exit 1" 0 1 2 15
-
+    trap "$RMCMD \$JUNK; $RMCMD -r $TMPDIR; kill $nagpid \$catpid; exit 1" 0 1 2 15
     SendToModem "AT+FCLASS=?" 			# ask for class support
 
     kill $nagpid
-    trap "$RMCMD \$JUNK; test \"\$catpid\" && kill \$catpid; exit 1" 0 1 2 15
+    trap "$RMCMD \$JUNK; $RMCMD -r $TMPDIR; test \"\$catpid\" && kill \$catpid; exit 1" 0 1 2 15
     sleep 1
 
     RESULT=`tr -ds '\015' '\012' < $OUT | tail -1`
@@ -1701,7 +1706,7 @@
     prompt "Are these ok [yes]?"; read ok
 done
 verifyModemRate
-TMPSED=/tmp/faxsed$$; JUNK="$JUNK $TMPSED"
+TMPSED=$TMPDIR/faxsed$$; JUNK="$JUNK $TMPSED"
 (echoServerSedCommands; echoModemSedCommands)>$TMPSED
 
 #
--- etc/faxsetup.sh.in
+++ etc/faxsetup.sh.in	1998/09/23 13:18:40
@@ -1942,11 +1942,15 @@
 
 	PROMPTS=/tmp/faxpr$$
 	JUNK="$JUNK $PROMPTS"
-	$RM $PROMPTS
+        $RM -rf $PROMPTS
 
 	while true; do
 	    if [ "$ok" != skip ]; then
-		test -f $PROMPTS || compilePrompts>$PROMPTS<<EOF
+                test -f $PROMPTS || (
+                set -o noclobber
+                > $PROMPTS || exit 1
+                set +o noclobber
+                compilePrompts>$PROMPTS<<EOF
 #	CountryCode		Country code
 #	AreaCode		Area code
 #	LongDistancePrefix	Long distance dialing prefix
@@ -1969,6 +1973,7 @@
 C#	MaxSendPages		Max number of pages to permit in an outbound job
 S	LogFacility		Syslog facility name for ServerTracing messages
 EOF
+)
 		. $PROMPTS
 	    fi
 	    checkForLocalFile $DialStringRules "dial string rules"
--- etc/probemodem.sh.in
+++ etc/probemodem.sh.in	1998/09/23 13:50:38
@@ -77,6 +77,12 @@
 ONDELAY=$LIBEXEC/ondelay	# prgm to open devices blocking on carrier
 CAT="$CAT -u"			# something to do unbuffered reads and writes
 
+# security
+rm -rf $OUT
+set -o noclobber
+> $OUT || exit 1
+set +o noclobber
+
 while [ -z "$TTY" -o ! -c /dev/$TTY ]; do
     if [ "$TTY" != "" ]; then
 	echo "/dev/$TTY is not a terminal device."
--- util/faxcron.sh.in
+++ util/faxcron.sh.in	1998/09/23 09:54:44
@@ -68,8 +68,14 @@
 TEE=tee
 UPDATE="date +'%D %H:%M' >$LAST"
 
-JUNK=/tmp/faxjunk$$		# temp file used multiple times
-AWKTMP=/tmp/faxawk$$		# temp file for awk program
+JUNK=$TMPDIR/faxjunk$$         # temp file used multiple times
+AWKTMP=$TMPDIR/faxawk$$                # temp file for awk program
+
+# security
+TMPDIR=/tmp/.faxcron.sh$$
+rm -rf $TMPDIR
+mkdir $TMPDIR || exit 1
+
 
 while [ x"$1" != x"" ] ; do
     case $1 in
@@ -85,8 +91,7 @@
     shift
 done
 
-trap "$RM \$AWKTMP \$JUNK; exit 1" 0 1 2 15
-
+trap "$RM \$AWKTMP \$JUNK; $RM -rf $TMPDIR; exit 1" 0 1 2 15
 
 test -z "$LASTRUN" && LASTRUN=`$CAT $LAST 2>/dev/null`
 
@@ -280,7 +285,7 @@
 EOF
 $AWK -f $AWKTMP -v LASTRUN="$LASTRUN" TRANSCRIPT="\
     LOGFILE=log/%s;\
-    TMP=/tmp/faxlog\$\$;\
+    TMP=$TMPDIR/faxlog\$\$;\
     if [ -f \$LOGFILE ]; then\
 	$SED -n -e '/%s %s %s.*SESSION BEGIN/,/SESSION END/p' \$LOGFILE |\
 	$SED -e '/start.*timer/d'\
--- util/recvstats.sh.in
+++ util/recvstats.sh.in	1998/09/23 09:27:55
@@ -120,6 +120,12 @@
 tmpAwk=/tmp/xfer$$
 trap "rm -f $tmpAwk; exit 1" 0 1 2 15
 
+# security
+rm -rf $tmpAwk
+set -o noclobber
+> $tmpAwk || exit 1
+set +o noclobber   
+
 ($CAT<<'EOF'
 #
 # Setup date conversion data structures.
