Date: Sun, 19 May 2013 15:17:06 -0400 From: Jerry <jerry@seibercom.net> To: freebsd-ports@freebsd.org Subject: Re: Why does Samba requires 777 permissions on /tmp Message-ID: <20130519151706.4d67afe5@scorpio> In-Reply-To: <20130519195639.79464471@raksha.tavi.co.uk> References: <CAFzAeSdgRotc34%2BeyfVHZBA-QGUCWJ1MZDYw1ysRxEV9MhG2BQ@mail.gmail.com> <CADLo83-pFi8E-Wdoyju7YxBmOR67Qr4OWmZA-2x8_Um1F2bwoQ@mail.gmail.com> <CAFzAeSd%2B7oubgZ%2BzSJnmfNPA9v1=T41c=VF0C-sbz=vhyVE_OA@mail.gmail.com> <20130519115232.49f52d01@scorpio> <CADLo83-my3xBj9G9_dT0=FGfvK0jaRFQUhmk_YtRx3h8S_g2%2BQ@mail.gmail.com> <CAFzAeSdhNp3zor_ofMS7P1We6Wgoa5fyxeFFDxq3tPkB2CgYyA@mail.gmail.com> <20130519195639.79464471@raksha.tavi.co.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 19 May 2013 19:56:39 +0100 Bob Eager articulated: > On Sun, 19 May 2013 13:34:49 -0500 > sindrome <sindrome@gmail.com> wrote: > > > I'm not sure I understand your question. Portupgrade barks about > > the /tmp directory being world writable. I pasted the exact errors > > earlier in this thread. I looked in my path and can't find /tmp in > > there and can't figure how to get rid of ruby complaining unless I > > remove the writable permissions. When I do that my windows desktop > > can't authenticate to my samba server. There has to be a root of > > this problem to make them both work. Is there some other place > > portupgrade is having /tmp amended on without it being in my $PATH? > > I went back and had a closer look at your error message. What I hadn't > done (and neither had you, prior to that) was read and fully digest > the error message. > > portupgrade is calling its 'system()' function to run a command. The > Ruby runtime does a sanity check to make sure that the directories in > the path are secure...and /tmp isn't. I suspect that portupgrade puts > temporary scripts into /tmp, then executes them; this implies that > it's probably chdir'ing to /tmp, then haveing '.' in thge path, or > even just adding /tmp to the path, although I don't think so. > > Anyway, what's insecure is that you don't have the sticky bit set. If > you use: > > chmod 1777 /tmp > > it ought to all work. I have the directory chmod set to "1777" and I still receive the error. It has been set at that for over two years. This problem only started after a "portupgrade" several months ago. -- Jerry ♔ Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __________________________________________________________________
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20130519151706.4d67afe5>