[8720] in bugtraq
OSS nice tmp race
daemon@ATHENA.MIT.EDU (Stefan Laudat)
Fri Dec 18 11:19:27 1998
Date: Thu, 17 Dec 1998 02:12:38 +0200
Reply-To: Bugtraq List <BUGTRAQ@NETSPACE.ORG>
From: Stefan Laudat <stefan@NS.ART.RO>
To: BUGTRAQ@NETSPACE.ORG
Hello all,
While digging in the "soundon" script delivered with the OSS package (the commercial
one, of course), I have discovered something very unusual on line 26
$MODTOOLS/insmod -V > /tmp/oss.tmp 2>&1
# KABOOM! "Hey, Beavis, told ya it was plutonium"
MODVERS=`head -1 /tmp/oss.tmp|sed 's/.* //'`
rm -f /tmp/oss.tmp # too late, buddy!
Nice,huh? Just imagine that almost all soundcards are PnP today, there are few admins that
know how to play with isapnp and ALSA (yeah, it rulez), the soundcfg or soundconf (whatever)
script that comes with RedHat 5.x sucks big time and most of the ppl running LeeNw00x use
OSS that seems to be a very good tool for the average RewT, honestly. And thank God OSS knows
lots of soundcards! Most of you are running the soundon script in rc.local, so the
satisfaction is guaranteed:
ln -s /etc/inittab (next boot you're dead)
Don't worry, support@opensound.com has been already notified so they will correct the bug
ASAP I guess.
BTW there is no bugs@opensound.com, so I love their optimistic way of thinking.
I think the correct code is :
## insert before line 26
if [ -L /tmp/oss.tmp ]
then
logger "Hey,man, you've got a naughty (l)user -- ".`ls -lsa /tmp/oss.tmp`
# die, lam0r! :)
rm /tmp/oss.tmp
fi
Take care :)
--
Stefan Laudat
System Engineer - Dragon Art
"Power comes from the barrel of the gun"
-- Mao Tze Dong
