From owner-freebsd-current@FreeBSD.ORG Wed Aug 10 13:54:09 2005 Return-Path: X-Original-To: freebsd-current@FreeBSD.org Delivered-To: freebsd-current@FreeBSD.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0D8A116A41F for ; Wed, 10 Aug 2005 13:54:09 +0000 (GMT) (envelope-from simon@zaphod.nitro.dk) Received: from zaphod.nitro.dk (port324.ds1-khk.adsl.cybercity.dk [212.242.113.79]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8B82643D45 for ; Wed, 10 Aug 2005 13:54:08 +0000 (GMT) (envelope-from simon@zaphod.nitro.dk) Received: by zaphod.nitro.dk (Postfix, from userid 3000) id 13F8211B07; Wed, 10 Aug 2005 15:54:07 +0200 (CEST) Date: Wed, 10 Aug 2005 15:54:07 +0200 From: "Simon L. Nielsen" To: Stefan Bethke Message-ID: <20050810135406.GD851@zaphod.nitro.dk> References: <96153776-0BE4-456F-B573-042E84730DFE@lassitu.de> <20050809220809.GD928@zaphod.nitro.dk> <4204340F-B78E-4913-8B0A-563335266EA9@lassitu.de> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="GvXjxJ+pjyke8COw" Content-Disposition: inline In-Reply-To: <4204340F-B78E-4913-8B0A-563335266EA9@lassitu.de> User-Agent: Mutt/1.5.9i Cc: drvince@anonymnet.net, freebsd-current@FreeBSD.org Subject: Re: More into /etc/rc.d/jail X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 10 Aug 2005 13:54:09 -0000 --GvXjxJ+pjyke8COw Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 2005.08.10 00:21:17 +0200, Stefan Bethke wrote: > Am 10.08.2005 um 00:08 schrieb Simon L. Nielsen: >=20 > >On 2005.08.09 23:30:26 +0200, Stefan Bethke wrote: > > > >> sed -e 's/#.*$//' <${mdconfig_conf} |grep -v '^[[:space:]]*$' =20 > >>>/tmp/mdconfig.$$ > > > >Try searching the web for "temporary file symlink attack"... (hint: > >creating temorary files like that is bad, use mktemp). >=20 > Again, thanks for the hint. This was meant as a starting point; it =20 > was hacked together as a stop-gap measure in twenty minutes. (And has =20 > persisted over six months now...) I agree that it's unlikely to be actually exploited, but there might be situations where it can be, which is why I wanted to point out the problem. Hacks have a tendency to stay around exactly like the six month part of your paragraph, which is rather common, :-). > I would be more than happy for someone else taking this script, =20 > polishing it, and getting it committed, so I don't have to rememeber =20 > not nuking it on the next mergemaster :-) I will let the rc.d guru's ponder a bit out how this is done best :-). --=20 Simon L. Nielsen --GvXjxJ+pjyke8COw Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (FreeBSD) iD8DBQFC+gb+h9pcDSc1mlERAuatAJ9RlVJQVQOZ1dM3cyvJnFyERiHhdACeNOe9 /wN9CrZ9tY+BlQvKNnL0e4c= =6Sgg -----END PGP SIGNATURE----- --GvXjxJ+pjyke8COw--