Date: Wed, 10 Aug 2005 15:54:07 +0200 From: "Simon L. Nielsen" <simon@FreeBSD.org> To: Stefan Bethke <stb@lassitu.de> Cc: drvince@anonymnet.net, freebsd-current@FreeBSD.org Subject: Re: More into /etc/rc.d/jail Message-ID: <20050810135406.GD851@zaphod.nitro.dk> In-Reply-To: <4204340F-B78E-4913-8B0A-563335266EA9@lassitu.de> References: <N1-uLBXxM-zn8@Safe-mail.net> <96153776-0BE4-456F-B573-042E84730DFE@lassitu.de> <20050809220809.GD928@zaphod.nitro.dk> <4204340F-B78E-4913-8B0A-563335266EA9@lassitu.de>
index | next in thread | previous in thread | raw e-mail
[-- Attachment #1 --]
On 2005.08.10 00:21:17 +0200, Stefan Bethke wrote:
> Am 10.08.2005 um 00:08 schrieb Simon L. Nielsen:
>
> >On 2005.08.09 23:30:26 +0200, Stefan Bethke wrote:
> >
> >> sed -e 's/#.*$//' <${mdconfig_conf} |grep -v '^[[:space:]]*$'
> >>>/tmp/mdconfig.$$
> >
> >Try searching the web for "temporary file symlink attack"... (hint:
> >creating temorary files like that is bad, use mktemp).
>
> Again, thanks for the hint. This was meant as a starting point; it
> was hacked together as a stop-gap measure in twenty minutes. (And has
> persisted over six months now...)
I agree that it's unlikely to be actually exploited, but there might
be situations where it can be, which is why I wanted to point out the
problem. Hacks have a tendency to stay around exactly like the six
month part of your paragraph, which is rather common, :-).
> I would be more than happy for someone else taking this script,
> polishing it, and getting it committed, so I don't have to rememeber
> not nuking it on the next mergemaster :-)
I will let the rc.d guru's ponder a bit out how this is done best :-).
--
Simon L. Nielsen
[-- Attachment #2 --]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (FreeBSD)
iD8DBQFC+gb+h9pcDSc1mlERAuatAJ9RlVJQVQOZ1dM3cyvJnFyERiHhdACeNOe9
/wN9CrZ9tY+BlQvKNnL0e4c=
=6Sgg
-----END PGP SIGNATURE-----
help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050810135406.GD851>