From: Fumitoshi UKAI
Date: Tue, 19 Mar 2002 16:51:55 +0000
Subject: Re: Forward: Bug#138975: hotplug: /tmp symlink vulnerability
To: linux-hotplug@vger.kernel.org

At Mon, 18 Mar 2002 17:51:17 -0800,
David Brownell wrote:

> Looks right to me, except that some other agent
> scripts had the same general need for writable /tmp
> so maybe a more generic fix, done once, would be
> a better way to go.

I committed this patch.

But I can't find any reason why this check is in ieee1394.agent only.
Which part of ieee1394.agent requires /tmp to be writable?
Don't other agents need to check as well?

Regards,
Fumitoshi UKAI

> ----- Original Message -----
> From: "Fumitoshi UKAI"
> To:
> Sent: Monday, March 18, 2002 5:39 PM
> Subject: Forward: Bug#138975: hotplug: /tmp symlink vulnerability
>
>
> > Hi,
> >
> > I received the following bug report.
> > It actually creates any files on the system by dangling symlinking
> > in /tmp/test. (touch follows symlinks).
> >
> > Anyway, as the report said, I think it's better to touch /tmp itself
> > instead of touching /tmp/test.$$ and removing it.
> > If the directory is writable, touching the directory will succeed; otherwise
> > touch will fail.
> >
> > How about this?
> >
> > Index: etc/hotplug/ieee1394.agent > > =================================> > RCS file: /cvsroot/linux-hotplug/admin/etc/hotplug/ieee1394.agent,v > > retrieving revision 1.3 > > diff -u -u -r1.3 ieee1394.agent > > --- etc/hotplug/ieee1394.agent 4 Jan 2002 18:39:49 -0000 1.3 > > +++ etc/hotplug/ieee1394.agent 19 Mar 2002 01:36:56 -0000 
> > @@ -33,9 +33,9 @@ > > > > # if called too early in booting, things break > > # (bash creates tempfiles) > > -if touch /tmp/test.$$ >/dev/null 2>&1 > > +if touch /tmp >/dev/null 2>&1 > > then > > - rm -f /tmp/test.$$ > > + : ok > > else > > mesg Need writable /tmp ... > > exit 1
> >
> > Regards,
> > Fumitoshi UKAI
> >
>
> _______________________________________________
> Linux-hotplug-devel mailing list http://linux-hotplug.sourceforge.net
> Linux-hotplug-devel@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/linux-hotplug-devel
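
Review bot: the replacement test `if touch /tmp >/dev/null 2>&1` only shows that the timestamps of /tmp can be updated, while the comment just above it says the concern is that bash creates tempfiles, so the check no longer exercises file creation, and it rewrites the directory's modification time on every agent run. Dropping the predictable `/tmp/test.$$` name is the right direction for the reported symlink problem, but the comment should be extended to say why the directory itself is touched, so that nobody later restores a probe file. The `then` branch is now the no-op `: ok`; negating the condition (`if ! touch /tmp >/dev/null 2>&1; then mesg ...; exit 1; fi`) would remove it. As raised in the thread, the check lives only in ieee1394.agent; if other agents also need a writable /tmp, one shared check would avoid each script carrying its own copy.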