Date: Sun, 19 May 2013 21:50:24 +0100 From: Bob Eager <rde@tavi.co.uk> To: freebsd-ports@freebsd.org Cc: simon.wright@gmx.net Subject: Re: Why does Samba requires 777 permissions on /tmp Message-ID: <20130519215024.65d9433e@raksha.tavi.co.uk> In-Reply-To: <5199283B.4010401@gmx.net> References: <CAFzAeSdgRotc34%2BeyfVHZBA-QGUCWJ1MZDYw1ysRxEV9MhG2BQ@mail.gmail.com> <CADLo83-pFi8E-Wdoyju7YxBmOR67Qr4OWmZA-2x8_Um1F2bwoQ@mail.gmail.com> <CAFzAeSd%2B7oubgZ%2BzSJnmfNPA9v1=T41c=VF0C-sbz=vhyVE_OA@mail.gmail.com> <20130519115232.49f52d01@scorpio> <CADLo83-my3xBj9G9_dT0=FGfvK0jaRFQUhmk_YtRx3h8S_g2%2BQ@mail.gmail.com> <CAFzAeSdhNp3zor_ofMS7P1We6Wgoa5fyxeFFDxq3tPkB2CgYyA@mail.gmail.com> <20130519195639.79464471@raksha.tavi.co.uk> <5199283B.4010401@gmx.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 19 May 2013 21:30:03 +0200 Simon Wright <simon.wright@gmx.net> wrote: > On 05/19/13 20:56, Bob Eager wrote: > > On Sun, 19 May 2013 13:34:49 -0500 > > sindrome <sindrome@gmail.com> wrote: > > > >> can't authenticate to my samba server. There has to be a root of > >> this problem to make them both work. Is there some other place > >> portupgrade is having /tmp amended on without it being in my $PATH? > > > > I went back and had a closer look at your error message. What I > > hadn't done (and neither had you, prior to that) was read and fully > > digest the error message. > > > > portupgrade is calling its 'system()' function to run a command. The > > Ruby runtime does a sanity check to make sure that the directories > > in the path are secure...and /tmp isn't. I suspect that portupgrade > > puts temporary scripts into /tmp, then executes them; this implies > > that it's probably chdir'ing to /tmp, then haveing '.' in thge > > path, or even just adding /tmp to the path, although I don't think > > so. > > > > Anyway, what's insecure is that you don't have the sticky bit set. > > If you use: > > > > chmod 1777 /tmp > > > > it ought to all work. > > Unfortunately it doesn't - for me at least! Here's the error I get > from portupgrade on (all of) my FreeBSD boxes: > > [simon@vmserver02 ~]$ sudo portupgrade -pP sysutils/webmin > ---> Session started at: Sun, 19 May 2013 21:11:25 +0200 > /usr/local/lib/ruby/site_ruby/1.8/pkgtools/pkgtools.rb:288: warning: > Insecure world writable dir /tmp/ in PATH, mode 041777 > > AFAIR this started around the time of the last Ruby update over a > year ago, the change and subsequent rollback to making the default > version of Ruby 1.9. I'm using 1.8.7 which I believe is still the > FBSD default version. Is anyone seeing this issue using Ruby 1.9? > > I definitely do not have /tmp in my $PATH. As I said, that may not be the explicit problem. The message does seem to be from the ruby runtime.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20130519215024.65d9433e>