Date: Wed, 14 Feb 2007 22:57:12 -0600
From: Dan Nelson <dnelson@allantgroup.com>
To: Dak Ghatikachalam <dghatikachalam@gmail.com>
Cc: FreeBSD - Questions <freebsd-questions@freebsd.org>
Subject: Re: Ksh Shell script security question.
Message-ID: <20070215045712.GA1716@dan.emsphone.com>
In-Reply-To: <ba29b9b40702141608p57e63b4bg757f57acd33b0dcf@mail.gmail.com>
References: <ba29b9b40702141608p57e63b4bg757f57acd33b0dcf@mail.gmail.com>
In the last episode (Feb 14), Dak Ghatikachalam said:
> I am puzzled how to secure this code when this shell script is
> being executed.
>
> ${ORACLE_HOME}/bin/sqlplus -s <<EOF | tee -a ${RESTOREFILE}
> connect system/ugo8990d
> set heading off
> set feedback off
> set pagesize 500
> select 'SCN_TO_USE | '||max(next_change#) from V\$LOG_HISTORY;
> quit
> EOF
>
> When I run this code from a shell script in the /tmp directory it spews
> a file called /tmp/sh03400.000 in which I have this entire code visible.

I bet if you check the permissions you'll find the file has mode 0600,
which means only the user running the script can read the file (at least
that's what a test using the pdksh port does on my system).  ksh93 does
have a problem, though: it opens a file and immediately unlinks it, but
the file is world-readable for a short time.  Both ksh variants honor
the TMPDIR variable, though, so if you create a ~/tmp directory, chmod it
so only you can access it, then set TMPDIR=~/tmp , you will be secure
even if you're using ksh93.

-- 
	Dan Nelson
	dnelson@allantgroup.com
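The TMPDIR hardening Dan describes, written out as a runnable script. This is an added example, not code from the thread or from FreeBSD: the function names, the `ls -ld` based permission check, and the use of `cat` in place of `sqlplus` are this example's own choices. It creates the private directory with mode 0700, refuses to use a directory that is owned by someone else or readable by others, and only then exports it as TMPDIR, so the temporary file the shell creates for the here-document lands somewhere nobody else can read.

```shell
#!/bin/sh
# Added example, not from the thread: give the shell a private TMPDIR so the
# temporary file it creates for a here-document (<<EOF) is never readable by
# other users, even on a ksh that briefly creates it world-readable.
# Function names and the use of "cat" in place of sqlplus are this example's
# own choices.

# Succeed only if $1 is a directory owned by the current user with mode 0700.
# Parses "ls -ld" rather than stat(1), whose flags differ between GNU and BSD.
# (Assumes the path contains no whitespace, since the output is word-split.)
private_dir_ok() {
    [ -d "$1" ] || return 1
    set -- $(ls -ld "$1")
    # $1 is now the mode string, $3 the owner.  A trailing "." (SELinux
    # label) is harmless; a trailing "+" means an ACL may grant others access,
    # so it is rejected along with any other mode.
    case "$1" in
        drwx------|drwx------.) ;;
        *) return 1 ;;
    esac
    [ "$3" = "$(id -un 2>/dev/null)" ] || [ "$3" = "$(id -u)" ] || return 1
}

# Create (or tighten) a 0700 directory owned by us and export it as TMPDIR.
setup_private_tmpdir() {
    dir=${1:-$HOME/tmp}
    (umask 077; mkdir -p "$dir") || return 1   # created 0700 from the start
    chmod 0700 "$dir" || return 1              # tighten a pre-existing dir too
    private_dir_ok "$dir" || return 1          # refuse a dir we do not own
    TMPDIR=$dir
    export TMPDIR
}

# Demo: the here-document from the thread, with the sqlplus call replaced by
# cat so it runs anywhere.  The password comes from the environment instead of
# being typed into the script; if it must live in the script, keep the script
# file itself mode 0600, since the here-document is only one copy of it.
main() {
    setup_private_tmpdir "$1" || { echo "cannot set up private TMPDIR: $1" >&2; exit 1; }
    echo "here-document temp files now go to $TMPDIR"
    # Stand-in for: ${ORACLE_HOME}/bin/sqlplus -s <<EOF | tee -a ${RESTOREFILE}
    cat <<EOF
connect system/${ORACLE_PASS:-<password-from-environment>}
set heading off
set feedback off
set pagesize 500
select 'SCN_TO_USE | '||max(next_change#) from V\$LOG_HISTORY;
quit
EOF
}

# With an argument, run the demo:   sh private_tmpdir.sh ~/tmp
# With no argument, only define the functions so the file can be sourced.
[ $# -eq 0 ] || main "$1"
```

Sourcing the file and calling `setup_private_tmpdir ~/tmp` at the top of the original script is enough; every here-document the shell runs afterwards uses that directory. The check deliberately fails closed: a `~/tmp` that already exists with mode 0755, or one created by another user, is not silently accepted.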