From owner-freebsd-hackers@FreeBSD.ORG Tue Aug 2 11:38:52 2005 Return-Path: X-Original-To: freebsd-hackers@freebsd.org Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C687B16A420 for ; Tue, 2 Aug 2005 11:38:52 +0000 (GMT) (envelope-from keramida@linux.gr) Received: from rosebud.otenet.gr (rosebud.otenet.gr [195.170.0.94]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8F21343D4C for ; Tue, 2 Aug 2005 11:38:46 +0000 (GMT) (envelope-from keramida@linux.gr) Received: from beatrix.daedalusnetworks.priv (aris.bedc.ondsl.gr [62.103.39.226]) by rosebud.otenet.gr (8.13.4/8.13.4/Debian-1) with SMTP id j72BcbLa025380; Tue, 2 Aug 2005 14:38:37 +0300 Received: from beatrix.daedalusnetworks.priv (localhost [127.0.0.1]) by beatrix.daedalusnetworks.priv (8.13.3+Sun/8.13.3) with ESMTP id j72BcbkW002088; Tue, 2 Aug 2005 14:38:37 +0300 (EEST) Received: (from keramida@localhost) by beatrix.daedalusnetworks.priv (8.13.3+Sun/8.13.3/Submit) id j72Bcaiw002087; Tue, 2 Aug 2005 14:38:36 +0300 (EEST) Date: Tue, 2 Aug 2005 14:38:36 +0300 From: Giorgos Keramidas To: Vasil Dimov Message-ID: <20050802113836.GA2077@beatrix.daedalusnetworks.priv> References: <51934.68.95.232.238.1122957425.squirrel@68.95.232.238> <20050802062937.GA31485@sinanica.bg.datamax> <20050802093348.GC1307@beatrix.daedalusnetworks.priv> <20050802110522.GA85997@sinanica.bg.datamax> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20050802110522.GA85997@sinanica.bg.datamax> Cc: freebsd-hackers@freebsd.org Subject: Re: [patch] rc.d/tmp (silly mkdir usage) X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 02 Aug 2005 11:38:52 -0000 On 2005-08-02 14:05, Vasil Dimov wrote: >On Tue, Aug 02, 2005 at 12:33:48PM +0300, Giorgos Keramidas wrote: >>On 2005-08-02 09:29, Vasil Dimov wrote: >>>> *) >>>> - if (/bin/mkdir -p /tmp/.diskless 2> /dev/null); then >>>> - rmdir /tmp/.diskless >>>> + if ( > /tmp/.diskless 2> /dev/null); then >>>> + rm /tmp/.diskless >>>> else >>>> if [ -h /tmp ]; then >>>> echo "*** /tmp is a symlink to a non-writable area!" >>> >>> The thing you suggest is bloody insecure. Just imagine some baduser >>> doing ln -s /etc/passwd /tmp/.diskless before rc.d/tmp gets executed. >>> I guess this is the reason why directory creation is used instead of >>> file creation. >>> >>> I just wonder why a new shell is forked for this test. Simply if >>> /bin/mkdir -p /tmp/.diskless 2> /dev/null ; then would do the same >>> thing without forking a new shell that only executes /bin/mkdir >> >> I think it's because the current shell is allowed to exit if a command >> fails while a conditional test like this is run: >> >> if mkdir /tmp/foo; then >> echo foo >> rmdir /tmp/foo >> fi >> >> and mkdir may fail. > > What do you mean by "allowed to exit"? > sh -e? You're right, of course. I forgot the script I was looking at had the -e option enabled.