Comment 2 for bug 164148

Kees Cook (kees) wrote :

As far as I can tell, the filters are spawned directly from tracker, so they share the current working directory. When I looked at the tracker running in my session, its directory was my home directory. The code from one of the filters reads:

 st=/tmp/tempfile.$$
 nice -n19 ssindex -i "$1" > st

Using "st" there instead of "$st" means that the file "st" will be overwritten in the current directory, which, I think, in this case is the user's home directory. So, in this case, only msword_filter is actually vulnerable to tempfile races (the others just clobber "st").

I don't have a proof-of-concept for this; I was just doing some code reading.
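The two defects the comment above points at (an unquoted variable that writes to a file literally named "st" in the working directory, and a predictable `/tmp/tempfile.$$` name that is open to a tempfile race) can be shown side by side in POSIX sh. The following is an added example, not code from the bug report or from tracker's filters: `fake_ssindex` is a constructed stand-in for `ssindex -i FILE`, and the function names `run_filter_buggy` and `run_filter` are assumptions. `mktemp` is assumed to be available, as it is on any modern Linux system.

```shell
#!/bin/sh
# Added example (not from the bug report or the tracker project).

# Constructed stand-in for `ssindex -i FILE`: prints one marker line so the
# example runs offline. Takes the input path as $1.
fake_ssindex() {
    printf 'indexed:%s\n' "$1"
}

# The pattern quoted in the comment, kept as-is for contrast: $st is set but
# never used, so the redirection writes to a file called "st" in whatever the
# current directory happens to be (the user's home directory when the filter
# inherits it from tracker).
run_filter_buggy() {
    st=/tmp/tempfile.$$
    fake_ssindex "$1" > st
    cat st
}

# Hardened version. mktemp creates the file atomically, owned by us with mode
# 0600, under $TMPDIR (or /tmp), so a name planted by someone else in advance
# is not reused; the variable is quoted so output goes to that file and not
# to "st" in the working directory; the trap removes the file on any exit.
run_filter() {
    st=$(mktemp "${TMPDIR:-/tmp}/tracker-filter.XXXXXX") || return 1
    trap 'rm -f "$st"' EXIT
    if ! fake_ssindex "$1" > "$st"; then
        rm -f "$st"
        return 1
    fi
    cat "$st"
    rm -f "$st"
    trap - EXIT
}
```

Run in an empty scratch directory, `run_filter_buggy a.doc` leaves a file named `st` behind and never touches `/tmp`, while `run_filter a.doc` produces the same output, leaves nothing in the working directory, and cleans up its `mktemp` file. In the real filters the fix is both halves: quote the variable, and replace the `$$`-based name with `mktemp`.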