Home page logo

bugtraq logo Bugtraq mailing list archives

Re: request-route
From: hzoli () FRONTIERNET NET (Zoltan Hidvegi)
Date: Tue, 29 Jul 1997 01:16:42 -0400

Ariel Biener wrote:
/sbin/request-route is a script. So, the script can be fixed to check for
the lock file, or whatever other security check are needed. No need to
just go and remove before finding a suitable solution.

 A simple solution would be to add a:

        set -o noclobber

In the script, right here:

        sleep 60 &
--->    set -o noclobber
        echo $sleepid > $LOCK
        wait $sleepid

Unfortunately this is still not enough.  The problem is that many (if not
most) shells do not implement noclobber in a race-free way, but even if
they do, noclobber still allows writing to device special files, so a
symlink to /dev/hda will be followed by the shell destroying your master
boot record.  As far as I know, there is no portable way to safely create
lock files in a world-writable directory from a bourne-shell script.

If the script runs as root (as it is the case with request-route), it is
enough to put the lockfile in a directory writable only by root.  Debian
uses /var/run for the request-route lockfile.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]