Why does Samba requires 777 permissions on /tmp
Jerry
jerry at seibercom.net
Sun May 19 20:44:15 UTC 2013
On Sun, 19 May 2013 21:30:03 +0200
Simon Wright articulated:
> On 05/19/13 20:56, Bob Eager wrote:
> > On Sun, 19 May 2013 13:34:49 -0500
> > sindrome <sindrome at gmail.com> wrote:
> >
> >> can't authenticate to my samba server. There has to be a root of
> >> this problem to make them both work. Is there some other place
> >> portupgrade is having /tmp amended on without it being in my $PATH?
> >
> > I went back and had a closer look at your error message. What I
> > hadn't done (and neither had you, prior to that) was read and fully
> > digest the error message.
> >
> > portupgrade is calling its 'system()' function to run a command. The
> > Ruby runtime does a sanity check to make sure that the directories
> > in the path are secure...and /tmp isn't. I suspect that portupgrade
> > puts temporary scripts into /tmp, then executes them; this implies
> > that it's probably chdir'ing to /tmp, then haveing '.' in thge
> > path, or even just adding /tmp to the path, although I don't think
> > so.
> >
> > Anyway, what's insecure is that you don't have the sticky bit set.
> > If you use:
> >
> > chmod 1777 /tmp
> >
> > it ought to all work.
>
> Unfortunately it doesn't - for me at least! Here's the error I get
> from portupgrade on (all of) my FreeBSD boxes:
>
> [simon at vmserver02 ~]$ sudo portupgrade -pP sysutils/webmin
> ---> Session started at: Sun, 19 May 2013 21:11:25 +0200
> /usr/local/lib/ruby/site_ruby/1.8/pkgtools/pkgtools.rb:288: warning:
> Insecure world writable dir /tmp/ in PATH, mode 041777
>
> AFAIR this started around the time of the last Ruby update over a
> year ago, the change and subsequent rollback to making the default
> version of Ruby 1.9. I'm using 1.8.7 which I believe is still the
> FBSD default version. Is anyone seeing this issue using Ruby 1.9?
>
> I definitely do not have /tmp in my $PATH.
Information for portupgrade-devel-20130313_1,3:
Depends on:
Dependency: libyaml-0.1.4_2
Dependency: openssl-1.0.1_8
Dependency: libffi-3.0.13
Dependency: libexecinfo-1.1_3
Dependency: ruby-1.9.3.392,1
Dependency: ruby19-date2-4.0.19
Dependency: db48-4.8.30.0
Dependency: ruby19-bdb-0.6.6_1
And yes, I have the same error message.
--
Jerry ♔
Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the Reply-To header.
__________________________________________________________________
More information about the freebsd-ports
mailing list