Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 2 Aug 2005 14:05:22 +0300
From:      Vasil Dimov <vd@datamax.bg>
To:        Giorgos Keramidas <keramida@linux.gr>
Cc:        freebsd-hackers@freebsd.org
Subject:   Re: [patch] rc.d/tmp (silly mkdir usage)
Message-ID:  <20050802110522.GA85997@sinanica.bg.datamax>
In-Reply-To: <20050802093348.GC1307@beatrix.daedalusnetworks.priv>
References:  <51934.68.95.232.238.1122957425.squirrel@68.95.232.238> <20050802062937.GA31485@sinanica.bg.datamax> <20050802093348.GC1307@beatrix.daedalusnetworks.priv>
next in thread | previous in thread | raw e-mail | index | archive | help 

--HcAYCG3uE/tztfnV
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Tue, Aug 02, 2005 at 12:33:48PM +0300, Giorgos Keramidas wrote:
> On 2005-08-02 09:29, Vasil Dimov <vd@datamax.bg> wrote:
> > > --- /etc/rc.d/tmp.orig  Mon Aug  1 23:20:24 2005
> > > +++ /etc/rc.d/tmp       Mon Aug  1 23:22:07 2005
> > > @@ -48,8 +48,8 @@
> > >  [Nn][Oo])
> > >         ;;
> > >  *)
> > > -       if (/bin/mkdir -p /tmp/.diskless 2> /dev/null); then
> > > -               rmdir /tmp/.diskless
> > > +       if ( > /tmp/.diskless 2> /dev/null); then
> > > +               rm /tmp/.diskless
> > >         else
> > >                 if [ -h /tmp ]; then
> > >                         echo "*** /tmp is a symlink to a non-writable=
 area!"
> >
> > The thing you suggest is bloody insecure. Just imagine some baduser
> > doing ln -s /etc/passwd /tmp/.diskless before rc.d/tmp gets executed.
> > I guess this is the reason why directory creation is used instead of
> > file creation.
> >
> > I just wonder why a new shell is forked for this test. Simply if
> > /bin/mkdir -p /tmp/.diskless 2> /dev/null ; then would do the same
> > thing without forking a new shell that only executes /bin/mkdir
>=20
> I think it's because the current shell is allowed to exit if a command
> fails while a conditional test like this is run:
>=20
> 	if mkdir /tmp/foo; then
> 		echo foo
> 		rmdir /tmp/foo
> 	fi
>=20
> and mkdir may fail.
>=20

What do you mean by "allowed to exit"?
sh -e?

--HcAYCG3uE/tztfnV
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----

iD8DBQFC71NxFw6SP/bBpCARAnu1AJ9VR25ubG5/z1gtBifI5zxLYNkLqACguhpb
9xubc+kaOFADWqquDq5DUUg=
=0Uef
-----END PGP SIGNATURE-----

--HcAYCG3uE/tztfnV--

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050802110522.GA85997>