From owner-freebsd-security@FreeBSD.ORG Tue Jan 16 01:27:15 2007 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id AAFC316A407 for ; Tue, 16 Jan 2007 01:27:15 +0000 (UTC) (envelope-from erdgeist@erdgeist.org) Received: from elektropost.org (elektropost.org [80.237.196.4]) by mx1.freebsd.org (Postfix) with ESMTP id 069A213C441 for ; Tue, 16 Jan 2007 01:27:14 +0000 (UTC) (envelope-from erdgeist@erdgeist.org) Received: (qmail 95769 invoked by uid 0); 16 Jan 2007 01:26:46 -0000 Received: from fuckup.club.berlin.ccc.de (HELO ?23.23.23.91?) (erdgeist@erdgeist.org@195.160.172.2) by elektropost.org with AES256-SHA encrypted SMTP; 16 Jan 2007 01:26:46 -0000 Message-ID: <45AC29EA.70009@erdgeist.org> Date: Tue, 16 Jan 2007 02:27:06 +0100 From: Dirk Engling User-Agent: Thunderbird 1.5.0.9 (Macintosh/20061207) MIME-Version: 1.0 To: Pawel Jakub Dawidek References: <200701111841.l0BIfWOn015231@freefall.freebsd.org> <45A6DB76.40800@freebsd.org> <20070113112937.GI90718@garage.freebsd.pl> <45ABDC7C.6060407@erdgeist.org> <20070115210826.GA2839@garage.freebsd.pl> <45ABEEEE.4030609@erdgeist.org> <20070115220039.GB2839@garage.freebsd.pl> In-Reply-To: <20070115220039.GB2839@garage.freebsd.pl> X-Enigmail-Version: 0.94.1.1 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: freebsd-security@freebsd.org Subject: Re: HEADS UP: Re: FreeBSD Security Advisory FreeBSD-SA-07:01.jail X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 16 Jan 2007 01:27:15 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Pawel Jakub Dawidek wrote: > On Mon, Jan 15, 2007 at 10:15:26PM +0100, Dirk Engling wrote: >>>> cp -f ${temp_log} console.log > console.log can still be a softlink. I don't see option for cp(1) which > allows to not following symlinks, so I'd suggest 'mv -f' instead - > rename(2) doesn't follow symlinks. Please try the "cp -f" before guessing, what it might do ;) cp -f removes anything on that location before relinking the new file. Atomically. Exactly, what we need. So since there is nothing that might be a soft link - by definition - it might not be followed. Regards erdgeist -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (Darwin) iD8DBQFFrCnqImmQdUyYEgkRAqcFAJ93O1PjHYbzYrhhZvPvoqhrkTBimQCfX+Fh QSoeWf63jJzIVJdGd0rHa04= =SHur -----END PGP SIGNATURE-----