Date: Fri, 5 Mar 2010 13:00:13 GMT
From: Jon Passki <jon@passki.us>
To: freebsd-rc@FreeBSD.org
Subject: Re: conf/141258: /etc/rc.d/tmp may act incorrectly based on unprivleged local user actions
Message-ID: <201003051300.o25D0Dmt073954@freefall.freebsd.org>
The following reply was made to PR conf/141258; it has been noted by GNATS. From: Jon Passki <jon@passki.us> To: Jaakko Heinonen <jh@freebsd.org> Cc: bug-followup@freebsd.org Subject: Re: conf/141258: /etc/rc.d/tmp may act incorrectly based on unprivleged local user actions Date: Fri, 5 Mar 2010 06:29:06 -0600 On Fri, Mar 5, 2010 at 12:15 AM, Jaakko Heinonen <jh@freebsd.org> wrote: > > Here is a proposed minimal fix for the problem. mktemp(1) should be > available because the script requires mountcritremote. (Can someone > confirm this?) > > %%% > Index: etc/rc.d/tmp > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D > --- etc/rc.d/tmp =A0 =A0 =A0 =A0(revision 204194) > +++ etc/rc.d/tmp =A0 =A0 =A0 =A0(working copy) > @@ -51,8 +51,8 @@ case "${tmpmfs}" in > =A0[Nn][Oo]) > =A0 =A0 =A0 =A0;; > =A0*) > - =A0 =A0 =A0 if /bin/mkdir -p /tmp/.diskless 2> /dev/null; then > - =A0 =A0 =A0 =A0 =A0 =A0 =A0 rmdir /tmp/.diskless > + =A0 =A0 =A0 if _tmpdir=3D$(mktemp -d -q /tmp/.diskless.XXXXXX); then > + =A0 =A0 =A0 =A0 =A0 =A0 =A0 rmdir ${_tmpdir} > =A0 =A0 =A0 =A0else > =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0if [ -h /tmp ]; then > =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0echo "*** /tmp is a symlin= k to a non-writable area!" > %%% > Seems like an appropriate fix. I don't have a way to test this out at the moment though. Jon
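Review bot: The new condition `if _tmpdir=$(mktemp -d -q /tmp/.diskless.XXXXXX); then` treats every mktemp failure as "/tmp is not writable", so if mktemp(1) cannot be run at this point in boot (the open question in the mail) the script falls into the else branch exactly as it would for a read-only /tmp. A comment next to the test stating that it relies on mktemp(1) being available once mountcritremote has run, or a check that tells "mktemp missing" apart from "mktemp could not create the directory", would make that dependency explicit. In the following added line, `rmdir ${_tmpdir}` expands the variable unquoted; `rmdir "${_tmpdir}"` is the safer form even though the template contains no spaces.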
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201003051300.o25D0Dmt073954>