Date: Thu, 15 Feb 2007 13:17:54 -0500 From: "Dak Ghatikachalam" <dghatikachalam@gmail.com> To: "Dan Nelson" <dnelson@allantgroup.com>, "Thomas Dickey" <dickey@radix.net>, "FreeBSD - Questions" <freebsd-questions@freebsd.org> Subject: Re: Ksh Shell script security question.( SOLVED) Message-ID: <ba29b9b40702151017x73790f4dq5dabf213d2873578@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
On 2/15/07, Dan Nelson <dnelson@allantgroup.com> wrote:
>
> In the last episode (Feb 15), Thomas Dickey said:
> > On Wed, Feb 14, 2007 at 10:57:12PM -0600, Dan Nelson wrote:
> > > In the last episode (Feb 14), Dak Ghatikachalam said:
> > > > I am am puzzled how to secure this code when this shell script is
> > > > being executed.
> > > >
> > > > ${ORACLE_HOME}/bin/sqlplus -s <<EOF | tee -a ${RESTOREFILE}
> [...]
> > > > EOF
> > > >
> > > > When I run this code from shell script in /tmp directory it spews
> > > > file called /tmp/sh03400.000 in that I have this entire code
> > > > visible.
> > >
> > > I bet if you check the permissions you'll find the file has mode
> > > 0600, which means only the user running the script can read the
> > > file (at least that's what a test using the pdksh port does on my
> > > system). ksh93 does have a problem, though: it opens a file and
> > > immediately unlinks it, but the file is world-readable for a short
> > > time.
> >
> > Doesn't it (ksh93, etc) pay attention to umask?
> > If it does, the script should use that feature.
>
> It does honor umask, but I think temp files should be created mode 0600
> in all cases. A person may have a umask of 022 to allow normal files
> to be read by group members but still not want them to see
> here-document contents. They may not even realize that their shell is
> using tempfiles. Some shells use pipes (bash and ash do; zsh uses an
> 0600 tempfile that it immediately unlinks; Solaris sh uses an 0600
> tempfile).
>
> > > Both ksh variants honor the TMPDIR variable, though, so if you create
> a
> > > ~/tmp directory, chmod it so only you can access it, then set
> > > TMPDIR=~/tmp , you will be secure even if you're using ksh93.
> >
> > relatively (it's not a given that people haven't opened up ~/tmp)
>
> I think if someone has gone to the trouble of creating a private ~/tmp
> directory, they probably know what they're doing and know the
> consequences of opening it up.
I appreciate all your response.
Thanks a lot for insight on unix fundementals
The issue I had is solved by doing umask 077 at the start of the script,
so what it did was it created the temporary files with read+write for
owner of the file , and in my process I also create directories while RMAN
backup is being run, so that umask 077 for directory gave rwx for
directories while creation
This problem I had is solved now, it is secure
Thanks
Dak
> --
> Dan Nelson
> dnelson@allantgroup.com
> _______________________________________________
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "
> freebsd-questions-unsubscribe@freebsd.org"
>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?ba29b9b40702151017x73790f4dq5dabf213d2873578>