Home page logo
/

bugtraq logo Bugtraq mailing list archives

OSS nice tmp race
From: stefan () NS ART RO (Stefan Laudat)
Date: Thu, 17 Dec 1998 02:12:38 +0200


                Hello all,

        While digging in the "soundon" script delivered with the OSS package (the commercial
one, of course), I have discovered something very unusual on line 26

$MODTOOLS/insmod -V > /tmp/oss.tmp 2>&1
# KABOOM! "Hey, Beavis,  told ya it was plutonium"
MODVERS=`head -1 /tmp/oss.tmp|sed 's/.* //'`
rm -f /tmp/oss.tmp # too late, buddy!


Nice,huh? Just imagine that almost all soundcards are PnP today, there are few admins that
know how to play with isapnp and ALSA (yeah, it rulez), the soundcfg or soundconf (whatever)
script that comes with RedHat 5.x sucks big time and most of the ppl running LeeNw00x use
OSS that seems to be a very good tool for the average RewT, honestly. And thank God OSS knows
lots of soundcards! Most of you  are running the soundon script in rc.local, so the
satisfaction is guaranteed:


ln -s  /etc/inittab  (next boot you're dead)

Don't worry, support () opensound com has been already notified so they will correct the bug
ASAP I guess.
BTW there is no bugs () opensound com, so I love their  optimistic way of thinking.
I think  the correct code is :

## insert before line 26
if [ -L /tmp/oss.tmp ]
then
logger "Hey,man, you've got a naughty (l)user -- ".`ls -lsa /tmp/oss.tmp`

# die, lam0r! :)

rm /tmp/oss.tmp
fi

Take care :)

--
Stefan Laudat
System Engineer - Dragon Art

"Power comes from the barrel of the gun"

                        -- Mao Tze Dong



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault