conf/141258: /etc/rc.d/tmp may act incorrectly based on
unprivileged local user actions
Jon Passki
jon at passki.us
Fri Mar 5 13:00:14 UTC 2010
The following reply was made to PR conf/141258; it has been noted by GNATS.
From: Jon Passki <jon at passki.us>
To: Jaakko Heinonen <jh at freebsd.org>
Cc: bug-followup at freebsd.org
Subject: Re: conf/141258: /etc/rc.d/tmp may act incorrectly based on
unprivileged local user actions
Date: Fri, 5 Mar 2010 06:29:06 -0600
On Fri, Mar 5, 2010 at 12:15 AM, Jaakko Heinonen <jh at freebsd.org> wrote:
>
> Here is a proposed minimal fix for the problem. mktemp(1) should be
> available because the script requires mountcritremote. (Can someone
> confirm this?)
>
> %%%
> Index: etc/rc.d/tmp
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
> --- etc/rc.d/tmp =A0 =A0 =A0 =A0(revision 204194)
> +++ etc/rc.d/tmp =A0 =A0 =A0 =A0(working copy)
> @@ -51,8 +51,8 @@ case "${tmpmfs}" in
> =A0[Nn][Oo])
> =A0 =A0 =A0 =A0;;
> =A0*)
> - =A0 =A0 =A0 if /bin/mkdir -p /tmp/.diskless 2> /dev/null; then
> - =A0 =A0 =A0 =A0 =A0 =A0 =A0 rmdir /tmp/.diskless
> + =A0 =A0 =A0 if _tmpdir=3D$(mktemp -d -q /tmp/.diskless.XXXXXX); then
> + =A0 =A0 =A0 =A0 =A0 =A0 =A0 rmdir ${_tmpdir}
> =A0 =A0 =A0 =A0else
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0if [ -h /tmp ]; then
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0echo "*** /tmp is a symlin=
k to a non-writable area!"
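Review bot: on the added `mktemp -d -q /tmp/.diskless.XXXXXX` line, the `if` treats every mktemp failure the same way, and `-q` silences the error, so a mktemp that cannot be found or run at this point in boot would fall into the else branch exactly as if /tmp were not writable. The removed line called `/bin/mkdir` by absolute path, while the new one resolves `mktemp` through PATH, so the availability question asked above should be settled before this goes in, and an absolute path would keep the behaviour independent of PATH as the old line was. Separately, quote the expansion on the following added line: `rmdir "${_tmpdir}"`.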
> %%%
>
Seems like an appropriate fix. I don't have a way to test this out at
the moment though.
Jon