From: David Brownell
Date: Tue, 19 Mar 2002 01:51:17 +0000
Subject: Re: Forward: Bug#138975: hotplug: /tmp symlink vulnerability
To: linux-hotplug@vger.kernel.org

Looks right to me, except that some other agent scripts had the same
general need for writable /tmp so maybe a more generic fix, done once, would be
a better way to go.

- Dave

----- Original Message -----
From: "Fumitoshi UKAI"
To:
Sent: Monday, March 18, 2002 5:39 PM
Subject: Forward: Bug#138975: hotplug: /tmp symlink vulnerability

> Hi,
>
> I received the following bug report.
> It actually creates any files on the system by dangling symlinking
> in /tmp/test. (touch follows symlinks).
>
> Anyway, as the report said, I think it's better to touch /tmp itself
> instead of touching /tmp/test.$$ and removing it.
> If the directory is writable, touching the directory will succeed; otherwise
> touch will fail.
>
> How about this?
>
> Index: etc/hotplug/ieee1394.agent > =================================> RCS file: /cvsroot/linux-hotplug/admin/etc/hotplug/ieee1394.agent,v > retrieving revision 1.3 > diff -u -u -r1.3 ieee1394.agent > --- etc/hotplug/ieee1394.agent 4 Jan 2002 18:39:49 -0000 1.3 > +++ etc/hotplug/ieee1394.agent 19 Mar 2002 01:36:56 -0000 > @@ -33,9 +33,9 @@ > > # if called too early in booting, things break > # (bash creates tempfiles) > -if touch /tmp/test.$$ >/dev/null 2>&1 > +if touch /tmp >/dev/null 2>&1 > then > - rm -f /tmp/test.$$ > + : ok > else > mesg Need writable /tmp ... > exit 1
>
> Regards,
> Fumitoshi UKAI
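
Review bot: on the `+if touch /tmp >/dev/null 2>&1` line, the check now only shows that the timestamps of /tmp can be updated, not that a file can be created there, which is what the comment "(bash creates tempfiles)" says the script depends on. It still fails on a read-only filesystem, which covers the "called too early in booting" case, but it passes when /tmp is full, and it changes the directory's timestamps every time the agent runs. If the intent is to prove file creation, a probe created exclusively under an unpredictable name (for example with `mktemp`) avoids the predictable `/tmp/test.$$` path without weakening the test; if the read-only case is all that matters, say so in the comment. The `: ok` branch exists only to keep the `then` non-empty, so negating the test and dropping the `else` would read more clearly. As the reply notes, other agent scripts have the same need for writable /tmp, so the same check should be fixed there in one place rather than only in ieee1394.agent.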