[patch] rc.d/tmp (silly mkdir usage)
Vasil Dimov
vd at datamax.bg
Tue Aug 2 06:29:39 GMT 2005
On Mon, Aug 01, 2005 at 11:37:05PM -0500, diz at linuxpowered.com wrote:
> Howdy hackers,
>
> I'm sorry for the previous patch, so here is at least one item that really
> bugs me that isn't obfuscation. In short, I don't see any reason to fork
> some process to simply "touch" a file (is a filesystem writable) when
> built-in shell i/o does this:
>
> --- /etc/rc.d/tmp.orig Mon Aug 1 23:20:24 2005
> +++ /etc/rc.d/tmp Mon Aug 1 23:22:07 2005
> @@ -48,8 +48,8 @@
> [Nn][Oo])
> ;;
> *)
> - if (/bin/mkdir -p /tmp/.diskless 2> /dev/null); then
> - rmdir /tmp/.diskless
> + if ( > /tmp/.diskless 2> /dev/null); then
> + rm /tmp/.diskless
> else
> if [ -h /tmp ]; then
> echo "*** /tmp is a symlink to a non-writable area!"
>
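Review bot: the replacement test on the "+ if ( > /tmp/.diskless 2> /dev/null); then" line opens the path for writing with truncation and follows symbolic links. If /tmp/.diskless already exists as a link when the script runs, the link's target is emptied with the script's privileges, and the following "rm /tmp/.diskless" removes only the link. The removed mkdir -p / rmdir pair never writes through an existing name, so keep it. If the aim is only to save a fork, drop the parentheses around the mkdir call instead of switching to file creation.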
The thing you suggest is bloody insecure. Just imagine some baduser
doing ln -s /etc/passwd /tmp/.diskless before rc.d/tmp gets executed.
I guess this is the reason why directory creation is used instead of
file creation.
I just wonder why a new shell is forked for this test. Simply

    if /bin/mkdir -p /tmp/.diskless 2> /dev/null ; then

would do the same thing without forking a new shell that only executes
/bin/mkdir.

We can even use

    if [ -d /tmp -a -w /tmp ] ; then

or (which is equivalent)

    if [ -d /tmp ] && [ -w /tmp ] ; then

and save the execution of external commands (mkdir) and the directory
creation/deletion altogether.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 155 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-hackers/attachments/20050802/ad621717/attachment.bin
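The difference between the three writability tests discussed in this thread, as an added example that is not part of the original messages or of FreeBSD's rc.d: each test is run against a scratch directory in which a symlink named .diskless has already been planted. The probe_* and target_survives names, the scratch layout and the file contents are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example. Everything happens inside a private mktemp directory.

probe_redirect() {              # the test from the proposed patch
    if ( > "$1/.diskless" 2> /dev/null ); then
        rm "$1/.diskless"
        return 0
    fi
    return 1
}

probe_mkdir() {                 # the mkdir/rmdir test the patch removes
    if mkdir -p "$1/.diskless" 2> /dev/null; then
        rmdir "$1/.diskless"
        return 0
    fi
    return 1
}

probe_test() {                  # the builtin-only test from the reply
    [ -d "$1" ] && [ -w "$1" ]
}

# Build a scratch stand-in for /tmp with a symlink already planted at
# .diskless, run one probe against it, and return 0 only if the file the
# link points at still has its content afterwards.
target_survives() {             # $1 = name of a probe function
    scratch=$(mktemp -d) || return 2
    mkdir "$scratch/tmp"
    echo 'constructed stand-in for a root-owned file' > "$scratch/target"
    ln -s "$scratch/target" "$scratch/tmp/.diskless"
    "$1" "$scratch/tmp" || :    # the probe's own verdict is not what we measure
    if [ -s "$scratch/target" ]; then rc=0; else rc=1; fi
    rm -rf "$scratch"
    return "$rc"
}

for probe in probe_mkdir probe_test probe_redirect; do
    if target_survives "$probe"; then
        echo "$probe: link target intact"
    else
        echo "$probe: link target truncated"
    fi
done
```

With the link in place, the mkdir probe fails without touching the target, so it errs toward reporting the directory as not writable, while the redirect probe reports success after emptying the target.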