From owner-freebsd-questions@FreeBSD.ORG  Thu Feb 15 04:57:14 2007
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: freebsd-questions@freebsd.org
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id B5CC216A402
	for <freebsd-questions@freebsd.org>;
	Thu, 15 Feb 2007 04:57:14 +0000 (UTC)
	(envelope-from dan@dan.emsphone.com)
Received: from dan.emsphone.com (dan.emsphone.com [199.67.51.101])
	by mx1.freebsd.org (Postfix) with ESMTP id 7BFC013C4A5
	for <freebsd-questions@freebsd.org>;
	Thu, 15 Feb 2007 04:57:14 +0000 (UTC)
	(envelope-from dan@dan.emsphone.com)
Received: from dan.emsphone.com (dan@localhost [127.0.0.1])
	by dan.emsphone.com (8.14.0/8.13.8) with ESMTP id l1F4vDDn081195
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO)
	for <freebsd-questions@freebsd.org>;
	Wed, 14 Feb 2007 22:57:13 -0600 (CST)
	(envelope-from dan@dan.emsphone.com)
Received: (from dan@localhost)
	by dan.emsphone.com (8.14.0/8.14.0/Submit) id l1F4vCv6081192;
	Wed, 14 Feb 2007 22:57:12 -0600 (CST) (envelope-from dan)
Date: Wed, 14 Feb 2007 22:57:12 -0600
From: Dan Nelson <dnelson@allantgroup.com>
To: Dak Ghatikachalam <dghatikachalam@gmail.com>
Message-ID: <20070215045712.GA1716@dan.emsphone.com>
References: <ba29b9b40702141608p57e63b4bg757f57acd33b0dcf@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <ba29b9b40702141608p57e63b4bg757f57acd33b0dcf@mail.gmail.com>
X-OS: FreeBSD 6.2-STABLE
User-Agent: Mutt/1.5.13 (2006-08-11)
Cc: FreeBSD - Questions <freebsd-questions@freebsd.org>
Subject: Re: Ksh Shell script security question.
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Feb 2007 04:57:14 -0000

In the last episode (Feb 14), Dak Ghatikachalam said:
> I am am puzzled how to secure this code when this shell script is
> being executed.
> 
> ${ORACLE_HOME}/bin/sqlplus -s  <<EOF | tee -a  ${RESTOREFILE}
>        connect system/ugo8990d
>        set heading off
>        set feedback off
>        set pagesize 500
>        select 'SCN_TO_USE | '||max(next_change#)   from V\$LOG_HISTORY;
>        quit
> EOF
> 
> When I run this code from shell script in /tmp directory it spews
> file called /tmp/sh03400.000 in that I have this entire code visible.

I bet if you check the permissions you'll find the file has mode 0600,
which means only the user running the script can read the file (at
least that's what a test using the pdksh port does on my system). 
ksh93 does have a problem, though: it opens a file and immediately
unlinks it, but the file is world-readable for a short time.

Both ksh variants honor the TMPDIR variable, though, so if you create a
~/tmp directory, chmod it so only you can access it, then set
TMPDIR=~/tmp , you will be secure even if you're using ksh93.

-- 
	Dan Nelson
	dnelson@allantgroup.com