[8724] in bugtraq
Re: OSS nice tmp race
daemon@ATHENA.MIT.EDU (Pavel Kankovsky)
Fri Dec 18 21:56:30 1998
Date: Fri, 18 Dec 1998 19:39:27 +0100
Reply-To: Bugtraq List <BUGTRAQ@NETSPACE.ORG>
From: Pavel Kankovsky <peak@KERBEROS.TROJA.MFF.CUNI.CZ>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <19981217021238.A5786@art.ro>
On Thu, 17 Dec 1998, Stefan Laudat wrote:
> I think the correct code is :
>
> ## insert before line 26
> if [ -L /tmp/oss.tmp ]
> then
<emotions>
Scream! There is no f... reason why you should do this way.
</emotions>
But there are good reasons why you should NOT. For instance, /tmp/oss.tmp
can be a HARDLINK to some important file. One can make a directory of this
name (denial of service).
Correct solution:
variant 1:
    TMPFILE=/var/run/oss.tmp
    $MODTOOLS/insmod -V > $TMPFILE
    ...
variant 2: (if you can't live without a file in /tmp)
    TMPFILE=`mktemp /tmp/oss.XXXXXX`
    [ -n "$TMPFILE" ] || exit 1 # cannot create a temp file
    $MODTOOLS/insmod -V > $TMPFILE
    ...
(OpenBSD's mktemp is included in all recent versions of RedHat and Debian)
--Pavel Kankovsky aka Peak [ Boycott Microsoft--http://www.vcnet.com/bms ]
"NSA GCHQ KGB CIA nuclear conspiration war weapon spy agent... Hi Echelon!"
P.S. A real perfectionist would add some code to prevent a collision
of two concurrent invocations of soundon.
P.S.2 When was that bug reported? soundon in a recent OSS installation I
have seen last week puts the file into the directory it was installed in.
Putting temporary files into /usr is lame but it is certainly better
than /tmp/oss.tmp.
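
[Added example, not part of the original post or of the OSS scripts: a sketch of why the quoted "[ -L ]" test is insufficient (hard link and directory cases), next to variant 2 and the lock the P.S. asks for. The function names and the scratch-directory file names are assumptions made up for this demo.]

```shell
#!/bin/sh
# Added example. Everything runs inside a private scratch directory;
# the file names below are constructed for the demo.

# Returns 0 when the "[ -L ]" test from the quoted patch would accept $1
# (it is not a symlink) even though writing to it is still unsafe.
symlink_check_misses() {
    [ -L "$1" ] && return 1                 # the quoted check does catch this
    [ -d "$1" ] && return 0                 # directory: the redirect fails (DoS)
    [ -f "$1" ] || return 1                 # nothing there, nothing to miss
    links=$(ls -ld "$1" | awk '{print $2}') # hard link count
    [ "$links" -gt 1 ]                      # >1: another name shares the inode
}

# Variant 2 from the post: mktemp creates the file atomically under an
# unpredictable name; an empty result means creation failed.
make_tmp() {
    t=$(mktemp "$1/oss.XXXXXX") || return 1
    [ -n "$t" ] || return 1
    printf '%s\n' "$t"
}

# P.S. from the post: serialize concurrent runs. mkdir is atomic, so only
# one caller can create the lock directory; the others get a non-zero status.
acquire_lock() { mkdir "$1" 2>/dev/null; }
release_lock() { rmdir "$1"; }

demo() {
    scratch=$(mktemp -d) || return 1
    echo "data" > "$scratch/important"
    ln "$scratch/important" "$scratch/hard.tmp"    # hard link case
    mkdir "$scratch/dir.tmp"                       # directory case
    ln -s "$scratch/important" "$scratch/sym.tmp"  # symlink case
    for p in hard.tmp dir.tmp sym.tmp; do
        if symlink_check_misses "$scratch/$p"; then
            echo "$p: passes the -L check but is unsafe"
        else
            echo "$p: caught by the -L check"
        fi
    done
    tmp=$(make_tmp "$scratch") && echo "mktemp gave: ${tmp##*/}"
    rm -rf "$scratch"
}
demo
```

[The lock directory would live somewhere only root can write, such as the /var/run location used in variant 1; that placement is an assumption of this example.]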