More into /etc/rc.d/jail

Simon L. Nielsen simon at FreeBSD.org
Wed Aug 10 13:54:09 GMT 2005


On 2005.08.10 00:21:17 +0200, Stefan Bethke wrote:
> Am 10.08.2005 um 00:08 schrieb Simon L. Nielsen:
> 
> >On 2005.08.09 23:30:26 +0200, Stefan Bethke wrote:
> >
> >>    sed -e 's/#.*$//' <${mdconfig_conf} |grep -v '^[[:space:]]*$' >/tmp/mdconfig.$$
> >
> >Try searching the web for "temporary file symlink attack"... (hint:
> >creating temporary files like that is bad, use mktemp).
> 
> Again, thanks for the hint.  This was meant as a starting point; it  
> was hacked together as a stop-gap measure in twenty minutes. (And has  
> persisted over six months now...)

I agree that it's unlikely to be actually exploited, but there might
be situations where it can be, which is why I wanted to point out the
problem.  Hacks have a tendency to stay around exactly like the six
month part of your paragraph, which is rather common, :-).

> I would be more than happy for someone else taking this script,  
> polishing it, and getting it committed, so I don't have to remember  
> not nuking it on the next mergemaster :-)

I will let the rc.d gurus ponder a bit about how this is done best :-).

-- 
Simon L. Nielsen
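
The mktemp(1) suggestion above, applied to the quoted sed/grep pipeline. This is an added example, not part of the original message or the script under discussion; the function names, the file name templates and the sample config content are assumptions made for illustration.

```shell
#!/bin/sh
# strip_conf CONF
# Strips comments and blank lines from CONF into a private temporary file
# and prints that file's path. The caller removes the file when done.
strip_conf() {
    conf=$1
    [ -r "$conf" ] || return 1
    # mktemp(1) picks an unpredictable name and creates the file exclusively
    # with mode 0600, so a symlink planted in advance at a guessable path
    # such as /tmp/mdconfig.<pid> is never followed or overwritten.
    tmp=$(mktemp "${TMPDIR:-/tmp}/mdconfig.XXXXXXXXXX") || return 1
    rc=0
    sed -e 's/#.*$//' <"$conf" | grep -v '^[[:space:]]*$' >"$tmp" || rc=$?
    # grep exits 1 when nothing is left after filtering; that is not an error.
    if [ "$rc" -gt 1 ]; then
        rm -f "$tmp"
        return 1
    fi
    printf '%s\n' "$tmp"
}

# Demo on a constructed config file (sample content, not a real mdconfig.conf).
demo_strip_conf() {
    sample=$(mktemp "${TMPDIR:-/tmp}/sample.XXXXXXXXXX") || return 1
    printf '%s\n' '# constructed sample' 'md0 /jails/a.img   # first' \
        '' '   ' 'md1 /jails/b.img' >"$sample"
    out=$(strip_conf "$sample") || { rm -f "$sample"; return 1; }
    cat "$out"
    rm -f "$sample" "$out"
}

demo_strip_conf
```
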


More information about the freebsd-current mailing list