Date: Tue, 24 Dec 1996 15:56:21 -0600 (CST) From: igor@alecto.physics.uiuc.edu (Igor Roshchin) To: marcs@znep.com (Marc Slemko) Cc: steve@edmweb.com, freebsd-security@freebsd.org Subject: Re: Holes in default cron jobs (fwd) Message-ID: <199612242156.PAA23404@alecto.physics.uiuc.edu> In-Reply-To: <Pine.BSF.3.95.961223224443.19477F-100000@alive.ampr.ab.ca> from "Marc Slemko" at Dec 23, 96 11:01:35 pm
next in thread | previous in thread | raw e-mail | index | archive | help
> Modified: etc security > Log: > Move intermediary file generation to /var partition > > Revision Changes Path > 1.14 +2 -2 src/etc/security > > This change simply does: > > ----snip---- > --- security 1996/06/30 19:35:20 1.13 > +++ security 1996/07/31 06:47:05 1.14 > @@ -15,7 +15,7 @@ > echo "Subject: $host security check output" > > LOG=/var/log > -TMP=/tmp/_secure.$$ > +TMP=/var/run/_secure.$$ > > umask 027 > > ----snip---- > > which secures it by using /var/run, which shouldn't be world writable. Excuse me, I was wondering (it might be stupid, 'cause I am probably about something), why don't do a simple check for existence of the file, something like if ( -f $TMP ) then rm -rf $TMP endif Thanks for the answers, and Merry X-mas and Happy New Year! IgoR aka StR
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199612242156.PAA23404>