[patch] rc.d/tmp (silly mkdir usage)
Vasil Dimov
vd at datamax.bg
Tue Aug 2 11:05:24 GMT 2005
On Tue, Aug 02, 2005 at 12:33:48PM +0300, Giorgos Keramidas wrote:
> On 2005-08-02 09:29, Vasil Dimov <vd at datamax.bg> wrote:
> > > --- /etc/rc.d/tmp.orig Mon Aug 1 23:20:24 2005
> > > +++ /etc/rc.d/tmp Mon Aug 1 23:22:07 2005
> > > @@ -48,8 +48,8 @@
> > > [Nn][Oo])
> > > ;;
> > > *)
> > > - if (/bin/mkdir -p /tmp/.diskless 2> /dev/null); then
> > > - rmdir /tmp/.diskless
> > > + if ( > /tmp/.diskless 2> /dev/null); then
> > > + rm /tmp/.diskless
> > > else
> > > if [ -h /tmp ]; then
> > > echo "*** /tmp is a symlink to a non-writable area!"
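Review bot: the added `( > /tmp/.diskless 2> /dev/null)` test opens the path for writing and will follow a symlink that already exists at that name, so the probe truncates whatever the link points to, with the privileges of the rc script. The removed `/bin/mkdir -p /tmp/.diskless` does not write through a link to a file; it simply fails. Keep the directory-based probe (`mkdir` / `rmdir`) for the writability check. A smaller point on the same added line: redirections are applied left to right, so the `2> /dev/null` placed after the `>` does not silence the shell's own error message when opening the file fails.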
> >
> > The thing you suggest is bloody insecure. Just imagine some baduser
> > doing ln -s /etc/passwd /tmp/.diskless before rc.d/tmp gets executed.
> > I guess this is the reason why directory creation is used instead of
> > file creation.
> >
> > I just wonder why a new shell is forked for this test. Simply if
> > /bin/mkdir -p /tmp/.diskless 2> /dev/null ; then would do the same
> > thing without forking a new shell that only executes /bin/mkdir.
>
> I think it's because the current shell is allowed to exit if a command
> fails while a conditional test like this is run:
>
>     if mkdir /tmp/foo; then
>         echo foo
>         rmdir /tmp/foo
>     fi
>
> and mkdir may fail.
>
What do you mean by "allowed to exit"?
sh -e?
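
The difference between the two writability probes discussed in this thread, as an added example that is not part of the original messages or of FreeBSD's rc.d/tmp. It runs both probes against a symlink planted in a private sandbox directory; the function names, the sandbox layout and the "victim" file are constructed for illustration.

```shell
#!/bin/sh
# Added example: compares the file-based and directory-based probes inside a
# throwaway sandbox created with mktemp (nothing under the real /tmp/.diskless
# is touched). All names below are hypothetical.

# Probe as in the proposed patch: create a file via redirection.
probe_with_file() {
    if ( > "$1/.diskless" ) 2> /dev/null; then
        rm -f "$1/.diskless"
        return 0
    fi
    return 1
}

# Probe as in the existing script: create a directory.
probe_with_dir() {
    if mkdir -p "$1/.diskless" 2> /dev/null; then
        rmdir "$1/.diskless"
        return 0
    fi
    return 1
}

# Plant a symlink at the probe path that points to a "victim" file, run the
# probe named in $1, and print how many bytes of the victim survive.
victim_bytes_after() {
    sandbox=$(mktemp -d) || return 1
    printf 'important data\n' > "$sandbox/victim"    # 15 bytes, constructed
    mkdir "$sandbox/tmp"
    ln -s "$sandbox/victim" "$sandbox/tmp/.diskless"
    "$1" "$sandbox/tmp" || true                      # probe result not needed here
    wc -c < "$sandbox/victim" | tr -d ' '
    rm -rf "$sandbox"
}

echo "file probe: victim has $(victim_bytes_after probe_with_file) bytes left"
echo "dir probe:  victim has $(victim_bytes_after probe_with_dir) bytes left"
```

The redirection follows the link and truncates the target before `rm` removes the link itself, while `mkdir -p` fails on the link and leaves the target intact.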