Date: Thu, 18 Apr 2002 17:31:55 -0700 (PDT)
From: Thomas Cannon <tcannon@noops.org>
To: Kris Kennaway <kris@obsecurity.org>
Cc: <freebsd-questions@FreeBSD.ORG>, <security-officer@freebsd.org>
Subject: Re: I think this could be better
Message-ID: <20020418172834.X9440-100000@stereophonic.noops.org>
In-Reply-To: <20020418165048.A22497@xor.obsecurity.org>
On Thu, 18 Apr 2002, Kris Kennaway wrote:

> On Thu, Apr 18, 2002 at 01:03:54PM -0700, Thomas Cannon wrote:
> > I just did a "make world" and noticed this go zipping by:
> >
> > mkdir -p /tmp/install.33931
> > for prog in [ awk cat chflags chmod chown date echo egrep find grep ln
> > make makewhatis mtree mv perl rm sed sh sysctl test true uname wc zic; do
> > cp `which $prog` /tmp/install.33931; done
> >
> > I killed it and took a look around and saw that yes, indeed, we're
> > running (via make) a shell script (as root) that makes temporary files in
> > a world-writable directory, without checking to see if it exists first, with
> > a predictable name.
>
> It's not a world-writable directory unless your umask is fubar. It
> probably should be using "mktemp -d" though.

/tmp is not world writable? Oh, I understand. Sure it creates a
non-world-writable directory. But it does so in a world-writable
directory. So all I have to do is make the /tmp/install.$$ directory
first. The umask doesn't even come into play.

Thomas

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
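The pattern the thread objects to, placed next to the "mktemp -d" alternative Kris mentions, as an added example that is not from the message or from FreeBSD's build scripts. It assumes a POSIX sh with a mktemp(1) that supports -d (BSD and GNU both do); the function names are made up for this illustration.

```shell
#!/bin/sh
# Added example, not the FreeBSD build code. The build script hardcodes /tmp;
# ${TMPDIR:-/tmp} is used here only so the demo runs anywhere.

# Weak: the name is predictable (the shell's PID), and "mkdir -p" returns
# success even when the directory already existed, so a directory created
# beforehand by someone else is silently reused with whatever mode it has.
weak_tmpdir() {
    dir="${TMPDIR:-/tmp}/install.$$"
    mkdir -p "$dir" || return 1
    printf '%s\n' "$dir"
}

# Safer: mktemp -d creates a fresh directory with an unpredictable name and
# mode 0700, and fails instead of returning an existing one.
safe_tmpdir() {
    dir=$(mktemp -d "${TMPDIR:-/tmp}/install.XXXXXXXX") || return 1
    printf '%s\n' "$dir"
}

# Shows the defect directly: on a directory that already exists, "mkdir -p"
# reports success while plain "mkdir" refuses. Returns 0 when both behave
# as described, cleaning up the probe directory either way.
demo_preexisting() {
    probe=$(mktemp -d "${TMPDIR:-/tmp}/probe.XXXXXXXX") || return 1
    if ! mkdir -p "$probe"; then rmdir "$probe"; return 1; fi
    if mkdir "$probe" 2>/dev/null; then rmdir "$probe"; return 1; fi
    rmdir "$probe"
    return 0
}
```

Checking the exit status of a plain "mkdir" (no -p) would at least have made the build stop on a pre-existing directory; "mktemp -d" removes the predictable name as well.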