Date: Thu, 26 Jan 2006 21:05:39 +0000 (UTC) From: Brooks Davis <brooks@FreeBSD.org> To: src-committers@FreeBSD.org, cvs-src@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: src/sbin/dhclient dhclient-script Message-ID: <200601262105.k0QL5dG6013020@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
brooks 2006-01-26 21:05:39 UTC
FreeBSD src repository
Modified files:
sbin/dhclient dhclient-script
Log:
Fix rev 1.12.
/tmp may not be writeable yet when dhclient is first run via
/etc/rc.d/netif so using it may not work. Also, writing to a
predictable file in /tmp as root is a really bad idea since a malicious
user may be able to win a race and insert a symlink which will allow
them to cause any file to be overwritten. To solve these problems,
create the tempory file in /var/run which will exist this early and is
writable only by root.
Security: Local risk if users can cause dhclient to run on demand
(such as by unplugging and replugging the network cable).
Revision Changes Path
1.14 +1 -1 src/sbin/dhclient/dhclient-script
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200601262105.k0QL5dG6013020>