[8732] in bugtraq


Re: OSS nice tmp race

daemon@ATHENA.MIT.EDU (Dr. Mudge)
Sat Dec 19 01:46:29 1998

Date: 	Sat, 19 Dec 1998 01:33:55 -0500
Reply-To: Bugtraq List <BUGTRAQ@NETSPACE.ORG>
From: "Dr. Mudge" <mudge@L0PHT.COM>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To:  <19981218191918.7A51.0@kerberos.troja.mff.cuni.cz>

Another option, if one must remain in the /tmp directory, is to use mkdir
and check the return value since mkdir is atomic, then place your
droppings in there (don't forget your umask beforehand :)).

.mudge

On Fri, 18 Dec 1998, Pavel Kankovsky wrote:

> On Thu, 17 Dec 1998, Stefan Laudat wrote:
>
> > I think the correct code is:
> >
> > ## insert before line 26
> > if [ -L /tmp/oss.tmp ]
> > then
>
> <emotions>
> Scream! There is no f... reason why you should do this way.
> </emotions>
>
> But there are good reasons why you should NOT. For instance, /tmp/oss.tmp
> can be a HARDLINK to some important file. One can make a directory of this
> name (denial of service).
>
> Correct solution:
>
> variant 1:
>
>         TMPFILE=/var/run/oss.tmp
>         $MODTOOLS/insmod -V > $TMPFILE
>         ...
>
> variant 2: (if you can't live without a file in /tmp)
>
>         TMPFILE=`mktemp /tmp/oss.XXXXXX`
>         [ -n "$TMPFILE" ] || exit 1 # cannot create a temp file
>         $MODTOOLS/insmod -V > $TMPFILE
>         ...
>
> (OpenBSD's mktemp is included in all recent versions of RedHat and Debian)
>
> --Pavel Kankovsky aka Peak  [ Boycott Microsoft--http://www.vcnet.com/bms ]
> "NSA GCHQ KGB CIA nuclear conspiration war weapon spy agent... Hi Echelon!"
>
>
> P.S. A real perfectionist would add some code to prevent a collision
> of two concurrent invocations of soundon.
>
> P.S.2 When was that bug reported? soundon in recent OSS installations I
> have seen last week puts the file into the directory it was installed in.
> Putting temporary files into /usr is lame but it is certainly better
> than /tmp/oss.tmp.
>
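
The mkdir approach from the reply at the top of this message, written out as
an added example (not part of the original messages and not the OSS soundon
script). The function name make_private_dir and the /tmp/oss base name are
hypothetical; $MODTOOLS is the variable quoted in the thread.

```sh
#!/bin/sh
# Added example: private scratch directory under /tmp via atomic mkdir.
# make_private_dir and its variable names are hypothetical.
#
# make_private_dir BASE
#   Prints the directory it created; returns non-zero if none could be made.
#   mkdir(2) fails with EEXIST when the name already exists in any form
#   (file, directory, hardlink, symlink, dangling symlink), so creation and
#   the existence check are one step and there is no check-then-use window.
#   Do not use "mkdir -p" here: it succeeds on a pre-existing directory and
#   would defeat the return-value check.
make_private_dir() {
    base=$1
    old_umask=$(umask)
    umask 077                      # directory is created mode 0700
    i=0
    while [ "$i" -lt 10 ]; do
        dir="$base.$$.$i"          # predictable name is fine: mkdir is the check
        if mkdir "$dir" 2>/dev/null; then
            umask "$old_umask"
            printf '%s\n' "$dir"
            return 0
        fi
        i=$((i + 1))
    done
    umask "$old_umask"
    return 1                       # fail closed if every candidate is taken
}

# Usage for the soundon case discussed in this thread:
#   dir=$(make_private_dir /tmp/oss) || exit 1   # cannot create a temp dir
#   trap 'rm -rf "$dir"' EXIT
#   "$MODTOOLS/insmod" -V > "$dir/oss.tmp"
```

Each invocation gets its own directory, which also covers the concurrent
soundon case raised in the first P.S.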
