Why does Samba requires 777 permissions on /tmp

Sindrome sindrome at gmail.com
Sun May 19 20:37:28 UTC 2013


I concur with Simon. That's exactly when it started for me.

On May 19, 2013, at 2:30 PM, Simon Wright <simon.wright at gmx.net> wrote:

> On 05/19/13 20:56, Bob Eager wrote:
>> On Sun, 19 May 2013 13:34:49 -0500
>> sindrome <sindrome at gmail.com> wrote:
>> 
>>> can't authenticate to my samba server.  There has to be a root of
>>> this problem to make them both work.  Is there some other place
>>> portupgrade is having /tmp amended on without it being in my $PATH?
>> 
>> I went back and had a closer look at your error message. What I hadn't
>> done (and neither had you, prior to that) was read and fully digest the
>> error message.
>> 
>> portupgrade is calling its 'system()' function to run a command. The
>> Ruby runtime does a sanity check to make sure that the directories in
>> the path are secure...and /tmp isn't. I suspect that portupgrade puts
>> temporary scripts into /tmp, then executes them; this implies that it's
>> probably chdir'ing to /tmp, then haveing '.' in thge path, or even just
>> adding /tmp to the path, although I don't think so.
>> 
>> Anyway, what's insecure is that you don't have the sticky bit set. If
>> you use:
>> 
>>   chmod 1777 /tmp
>> 
>> it ought to all work.
> 
> Unfortunately it doesn't - for me at least! Here's the error I get from portupgrade on (all of) my FreeBSD boxes:
> 
> [simon at vmserver02 ~]$ sudo portupgrade -pP sysutils/webmin
> --->  Session started at: Sun, 19 May 2013 21:11:25 +0200
> /usr/local/lib/ruby/site_ruby/1.8/pkgtools/pkgtools.rb:288: warning: Insecure world writable dir /tmp/ in PATH, mode 041777
> 
> AFAIR this started around the time of the last Ruby update over a year ago, the change and subsequent rollback to making the default version of Ruby 1.9. I'm using 1.8.7 which I believe is still the FBSD default version. Is anyone seeing this issue using Ruby 1.9?
> 
> I definitely do not have /tmp in my $PATH.
> 
> Cheers
> 
> Simon.
> 


More information about the freebsd-ports mailing list