Date: Wed, 10 Aug 2005 00:08:09 +0200 From: "Simon L. Nielsen" <simon@FreeBSD.org> To: Stefan Bethke <stb@lassitu.de> Cc: drvince@anonymnet.net, freebsd-current@freebsd.org Subject: Re: More into /etc/rc.d/jail Message-ID: <20050809220809.GD928@zaphod.nitro.dk> In-Reply-To: <96153776-0BE4-456F-B573-042E84730DFE@lassitu.de> References: <N1-uLBXxM-zn8@Safe-mail.net> <96153776-0BE4-456F-B573-042E84730DFE@lassitu.de>
next in thread | previous in thread | raw e-mail | index | archive | help
--TiqCXmo5T1hvSQQg
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On 2005.08.09 23:30:26 +0200, Stefan Bethke wrote:
> Am 09.08.2005 um 21:10 schrieb drvince@Safe-mail.net:
[...]
> sed -e 's/#.*$//' <${mdconfig_conf} |grep -v '^[[:space:]]*$' >/tmp/mdco=
nfig.$$
Try searching the web for "temporary file symlink attack"... (hint:
creating temorary files like that is bad, use mktemp).
--=20
Simon L. Nielsen
--TiqCXmo5T1hvSQQg
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (FreeBSD)
iD8DBQFC+SlJh9pcDSc1mlERAhjTAKC4nGMVyCxPp3nUn8OUlRGQqbCw7wCgpQfY
f4sSi/Jxsskb6/OdBps/bS8=
=2j3E
-----END PGP SIGNATURE-----
--TiqCXmo5T1hvSQQg--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050809220809.GD928>