Date: Thu, 18 Apr 2002 16:50:48 -0700
From: Kris Kennaway <kris@obsecurity.org>
To: Thomas Cannon <tcannon@noops.org>
Cc: freebsd-questions@FreeBSD.ORG, security-officer@freebsd.org
Subject: Re: I think this could be better
Message-ID: <20020418165048.A22497@xor.obsecurity.org>
In-Reply-To: <20020418121731.O4793-100000@stereophonic.noops.org>; from tcannon@noops.org on Thu, Apr 18, 2002 at 01:03:54PM -0700
References: <20020418121731.O4793-100000@stereophonic.noops.org>
On Thu, Apr 18, 2002 at 01:03:54PM -0700, Thomas Cannon wrote:
> I just did a "make world" and noticed this go zipping by:
> 
> mkdir -p /tmp/install.33931
> for prog in [ awk cat chflags chmod chown date echo egrep find grep ln
> make makewhatis mtree mv perl rm sed sh sysctl test true uname wc zic; do
> cp `which $prog` /tmp/install.33931; done
> 
> I killed it and took a look around and saw that yes, indeed, we're
> running (via make) a shell script (as root) that makes temporary files in
> a world-writable directory, without checking to see if it exists first, with
> a predictable name.

It's not a world-writable directory unless your umask is fubar.  It
probably should be using "mktemp -d" though.

Kris
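Kris's suggestion, shown as an added shell example (not code from the FreeBSD build system or from either poster): the predictable "/tmp/install.<pid>" pattern from the quoted build output beside a "mktemp -d" replacement, plus a constructed demo in which another local user has already created the predictable name as a symlink before the root script runs. The stage_dir_* and demo_* function names and the sandbox paths are assumptions made for the demo, not anything in the thread.

```shell
#!/bin/sh
# Added example, not code from the FreeBSD build or from either poster.
# Shows the predictable "/tmp/install.<pid>" shape from the quoted build
# output beside a mktemp(1)-based replacement, and a constructed demo of
# how a pre-planted symlink redirects the predictable version.
set -u

# Vulnerable shape (hypothetical reconstruction of the quoted snippet):
# prefix + shell PID.  The PID is guessable, and "mkdir -p" returns success
# when the path already exists, so a directory or symlink planted there by
# another local user is silently reused.
stage_dir_predictable() {
    base=${1:-${TMPDIR:-/tmp}}
    dir="$base/install.$$"
    mkdir -p "$dir" || return 1
    printf '%s\n' "$dir"
}

# Hardened shape: mktemp -d picks an unpredictable suffix, creates the
# directory atomically with mode 0700, and fails rather than reuse a path
# that already exists.  The caller removes it when done (trap below).
stage_dir_safe() {
    base=${1:-${TMPDIR:-/tmp}}
    dir=$(mktemp -d "$base/install.XXXXXXXXXX") || return 1
    printf '%s\n' "$dir"
}

# Constructed attack demo: before the root script runs, a local user creates
# install.<pid> as a symlink to a directory they own.  Returns 0 if the
# predictable version wrote its copied binary into the attacker's directory.
demo_symlink_follow() {
    sandbox=$(mktemp -d "${TMPDIR:-/tmp}/demo.XXXXXXXXXX") || return 2
    attacker_dir="$sandbox/attacker_owned"
    mkdir "$attacker_dir"
    ln -s "$attacker_dir" "$sandbox/install.$$"   # $$ is the PID the victim will use

    got=$(stage_dir_predictable "$sandbox") || { rm -rf "$sandbox"; return 2; }
    cp /bin/sh "$got/sh"                           # what the build script does next
    if [ -f "$attacker_dir/sh" ]; then rc=0; else rc=1; fi
    rm -rf "$sandbox"
    return $rc
}

# Even without mktemp, dropping "-p" makes mkdir refuse a pre-existing path,
# so a planted link becomes a visible failure instead of a silent redirect.
# Returns 0 if mkdir refused the planted path.
strict_mkdir_refuses() {
    sandbox=$(mktemp -d "${TMPDIR:-/tmp}/demo.XXXXXXXXXX") || return 2
    ln -s "$sandbox" "$sandbox/planted"
    if mkdir "$sandbox/planted" 2>/dev/null; then rc=1; else rc=0; fi
    rm -rf "$sandbox"
    return $rc
}

# Stand-alone run: report both behaviours, then stage and clean up safely.
if demo_symlink_follow; then
    echo "predictable name + mkdir -p: copied binary landed in the attacker's directory"
fi
strict_mkdir_refuses && echo "plain mkdir: refused the planted path"
stage=$(stage_dir_safe) || exit 1
trap 'rm -rf "$stage"' EXIT
echo "mktemp -d: $stage ($(ls -ld "$stage" | cut -c1-10))"
```

The quoted snippet has two independent defects: the name is guessable, and "mkdir -p" treats an already-existing path as success. "mktemp -d" fixes both in one call (random suffix, creation that fails on an existing path) and sets mode 0700 regardless of the caller's umask.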