Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: OSS nice tmp race
From: mudge () L0PHT COM (Dr. Mudge)
Date: Sat, 19 Dec 1998 01:33:55 -0500


Another option, if one must remain in the /tmp directory is to use mkdir
and check the return value since mkdir is atomic, then place your
droppings in there (don't forget your umask before-hand :)).

.mudge

On Fri, 18 Dec 1998, Pavel Kankovsky wrote:

On Thu, 17 Dec 1998, Stefan Laudat wrote:

I think  the correct code is :

## insert before line 26
if [ -L /tmp/oss.tmp ]
then

<emotions>
Scream! There is no f... reason why you should do this way.
</emotions>

But there are good reasons why you should NOT. For instace, /tmp/oss.tmp
can be a HARDLINK to some important file. One can make a directory of this
name (denial of service).

Correct solution:

variant 1:

        TMPFILE=/var/run/oss.tmp
        $MODTOOLS/insmod -V > $TMPFILE
        ...

variant 2: (if you can't live without a file in /tmp)

        TMPFILE=`mktemp /tmp/oss.XXXXXX`
        [ -n "$TMPFILE" ] || exit 1 # cannot create a temp file
        $MODTOOLS/insmod -V > $TMPFILE
        ...

(OpenBSD's mktemp is included in all recent versions of RedHat and Debian)

--Pavel Kankovsky aka Peak  [ Boycott Microsoft--http://www.vcnet.com/bms ]
"NSA GCHQ KGB CIA nuclear conspiration war weapon spy agent... Hi Echelon!"


P.S. A real perfectionist would add some code to prevent a collision
of two concurrent invocations of soundon.

P.S.2 When was that bug reported? soundon in an recent OSS installations I
have seen last week puts the file into the directory it was installed in.
Putting temporary files into /usr is lame but it is certainly better
than /tmp/oss.tmp.




  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]