Date: Thu, 15 Feb 2007 06:13:55 -0500
From: Thomas Dickey <dickey@radix.net>
To: Dan Nelson <dnelson@allantgroup.com>
Cc: FreeBSD - Questions <freebsd-questions@freebsd.org>
Subject: Re: Ksh Shell script security question.
Message-ID: <20070215111355.GA17348@saltmine.radix.net>
In-Reply-To: <20070215045712.GA1716@dan.emsphone.com>
References: <ba29b9b40702141608p57e63b4bg757f57acd33b0dcf@mail.gmail.com> <20070215045712.GA1716@dan.emsphone.com>
On Wed, Feb 14, 2007 at 10:57:12PM -0600, Dan Nelson wrote:
> In the last episode (Feb 14), Dak Ghatikachalam said:
> > I am puzzled how to secure this code when this shell script is
> > being executed.
> >
> > ${ORACLE_HOME}/bin/sqlplus -s <<EOF | tee -a ${RESTOREFILE}
> > connect system/ugo8990d
> > set heading off
> > set feedback off
> > set pagesize 500
> > select 'SCN_TO_USE | '||max(next_change#) from V\$LOG_HISTORY;
> > quit
> > EOF
> >
> > When I run this code from shell script in /tmp directory it spews
> > file called /tmp/sh03400.000 in that I have this entire code visible.
>
> I bet if you check the permissions you'll find the file has mode 0600,
> which means only the user running the script can read the file (at
> least that's what a test using the pdksh port does on my system).
> ksh93 does have a problem, though: it opens a file and immediately
> unlinks it, but the file is world-readable for a short time.

Doesn't it (ksh93, etc) pay attention to umask? If it does, the script
should use that feature.

>
> Both ksh variants honor the TMPDIR variable, though, so if you create a
> ~/tmp directory, chmod it so only you can access it, then set
> TMPDIR=~/tmp , you will be secure even if you're using ksh93.

relatively (it's not a given that people haven't opened up ~/tmp)

--
Thomas E. Dickey
http://invisible-island.net
ftp://invisible-island.net
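As an added example, not code from the thread: a POSIX sh helper that creates a private TMPDIR with a restrictive umask and verifies, before the script runs, that the directory is still owned by the caller with no group or other access, which is the check behind the "people may have opened up ~/tmp" caveat above. The function names and the $HOME/tmp path are assumptions.

```shell
#!/bin/sh
# Added example (not from the thread): prepare and verify a private TMPDIR
# so that shell here-document temp files land somewhere only we can read.

# private_tmp_ok DIR
# Returns 0 when DIR is a real directory (not a symlink), owned by the
# invoking user, with no group/other permission bits; returns 1 otherwise.
private_tmp_ok() {
    dir=$1
    [ -d "$dir" ] && [ ! -L "$dir" ] || return 1
    # ls -ld output is portable across Linux and the BSDs; stat(1) is not.
    set -- $(ls -ld "$dir")
    mode=$1
    owner=$3
    # Mode string looks like "drwx------"; positions 5-10 are group/other.
    # A trailing "+" or "." (ACL / SELinux marker) is tolerated.
    case "$mode" in
        d???------*) ;;
        *) return 1 ;;
    esac
    [ "$owner" = "$(id -un)" ] || return 1
    return 0
}

# make_private_tmp DIR
# Creates DIR (if needed), forces mode 0700 on it, and sets umask 077 so
# anything the shell creates inside it afterwards is 0600 at creation time.
make_private_tmp() {
    dir=$1
    umask 077
    mkdir -p "$dir" && chmod 700 "$dir" || return 1
    private_tmp_ok "$dir"
}

# Usage (hypothetical path): refuse to run the sqlplus script unless the
# temp directory really is private, then point ksh at it via TMPDIR.
# make_private_tmp "$HOME/tmp" && export TMPDIR="$HOME/tmp" || exit 1
```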