[8248] in bugtraq
Re: SVGATextMode 1.8 /tmp race
daemon@ATHENA.MIT.EDU (Ben Collins)
Fri Oct 23 13:38:52 1998
Date: Thu, 22 Oct 1998 11:16:47 -0400
Reply-To: Ben Collins <bmc@VISI.NET>
From: Ben Collins <bmc@VISI.NET>
X-To: Adrian Voinea <root@DEATH.GDS.RO>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <Pine.LNX.4.03.9910212252050.848-100000@Death.GdS.RO>
-----BEGIN PGP SIGNED MESSAGE-----
First off, savetextmode is NOT part of SVGATextMode, it is a script from
svgalib. I checked the savetextmode on my debian 2.0 system (svgalib
1.2.13):
[root@goodguy(11:10am)-~]%cat /usr/bin/savetextmode
#!/bin/sh
set -o noclobber
restoretextmode -w /dev/stdout > /tmp/textregs
restorefont -w /dev/stdout > /tmp/fontdata
The noclobber keeps it from overwriting any files. However, from the
origianl svgalib source the script looks like this:
[root@goodguy(11:13am)-~/svgalib-1.3.0/utils]%cat savetextmode
#!/bin/sh
restoretextmode -w /tmp/textregs
restorefont -w /tmp/fontdata
This WILL overwrite any files. So if you use the base svgalib, then
you have a problem. NOTE: The Debian package for svgalib 1.3 directs the
output to /etc/vga, so it is safe. I'm not sure if redhat has this changed
or not.
On Thu, 21 Oct 1999, Adrian Voinea wrote:
> Hello,
> savetextmode, a utility that comes with SVGATextMode 1.8, saves the text
> mode data in /tmp, in two files with the mode 644:
>
> [/tmp]
> root@Death# ls -lA
> total 1
> drwxrwxrwx 2 root gods 1024 Sep 24 1998 .X11-unix/
>
> [/tmp]
> root@Death# savetextmode
> svgalib: Using S3 driver (Trio64, 4096K).
> svgalib: s3: chipsets newer than S3-864 is not supported well yet.
> svgalib: RAMDAC: Trio64: MCLK = 47.131 MHz
>
> [/tmp]
> root@Death# ls -lA
> total 35
> drwxrwxrwx 2 root gods 1024 Sep 24 1998 .X11-unix/
> -rw-r--r-- 1 root gods 32768 Oct 21 22:56 fontdata
> -rw-r--r-- 1 root gods 385 Oct 21 22:56 textregs
>
- ------------------------------------------------
Ben Collins <b.m.collins@larc.nasa.gov>
UnixGroup Admin - NASA LaRC
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: noconv
iQCVAwUBNi9MZCo9WkFm9rsJAQHbbAP9EeG0NUGz0juhWAVe4xX1ax1b7ZWPnC1q
CTGuEn7YvlRSCjRNoNbtaf//YZfubMaJfGf4df3t53FPlD+FfAJsl6d1pT/E5QoS
RCBiT8Y2k2tAPPyXD9zR12vEMyBjEOXf9DZ/U7T40naTr27Pv4rEdmf8arZDtg6m
9gNrLl9nnKk=
=nvuw
-----END PGP SIGNATURE-----
