Ksh Shell script security question.
Thomas Dickey
dickey at radix.net
Thu Feb 15 12:09:10 UTC 2007
On Wed, Feb 14, 2007 at 10:57:12PM -0600, Dan Nelson wrote:
> In the last episode (Feb 14), Dak Ghatikachalam said:
> > I am am puzzled how to secure this code when this shell script is
> > being executed.
> >
> > ${ORACLE_HOME}/bin/sqlplus -s <<EOF | tee -a ${RESTOREFILE}
> > connect system/ugo8990d
> > set heading off
> > set feedback off
> > set pagesize 500
> > select 'SCN_TO_USE | '||max(next_change#) from V\$LOG_HISTORY;
> > quit
> > EOF
> >
> > When I run this code from shell script in /tmp directory it spews
> > file called /tmp/sh03400.000 in that I have this entire code visible.
>
> I bet if you check the permissions you'll find the file has mode 0600,
> which means only the user running the script can read the file (at
> least that's what a test using the pdksh port does on my system).
> ksh93 does have a problem, though: it opens a file and immediately
> unlinks it, but the file is world-readable for a short time.
Doesn't it (ksh93, etc) pay attention to umask?
If it does, the script should use that feature.
>
> Both ksh variants honor the TMPDIR variable, though, so if you create a
> ~/tmp directory, chmod it so only you can access it, then set
> TMPDIR=~/tmp , you will be secure even if you're using ksh93.
relatively (it's not a given that people haven't opened up ~/tmp)
--
Thomas E. Dickey
http://invisible-island.net
ftp://invisible-island.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 228 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20070215/f20b0bad/attachment.pgp
More information about the freebsd-questions
mailing list