RE: tmp issues: trap before making safe tmp and no change directory

From: Daniel Linder (dlinder_at_iprevolution.net)
Date: 10/28/03

  • Next message: Brian Hatch: "Re: tmp issues: trap before making safe tmp and no change directory" 
    Date: Tue, 28 Oct 2003 15:19:56 -0600
To: <security-discuss@linuxsecurity.com>, <security-discuss@linuxsecurity.com>

    You noted:
    > Even if the $tmpdir exists, it may not be the one created by the script.

    This is true, but I guess that is one of the 'risks' one takes when trying to do atomic locking with shell scripting... :) :(
     
    Would it be possible to write a small compiled program that could do the "atomically create unique file/directory and return it's name" program? This is getting waaayyyy out of scope for 'fixing' the script in your example but it is one of the few ways I see to get around it. Or see if the shell you are running under has an atomic check and create subroutine...probably not. :(
     
    On the flip side, since "$tmpdir" is made up of the PID of the script, then there is a much smaller chance of using a pre-existing directory. If you append the current system time (i.e. epoc micro-seconds) this should help quite a lot. Of course, these tricks don't help if your script is running on an embedded machine or before the time has been properly set to the world time...
     
    Good luck!
     
    Dan

            -----Original Message-----
            From: Jeremy C. Reed [mailto:reed@reedmedia.net]
            Sent: Tue 10/28/2003 2:58 PM
            To: security-discuss@linuxsecurity.com
            Cc:
            Subject: RE: tmp issues: trap before making safe tmp and no change directory
            
            

            On Tue, 28 Oct 2003, Daniel Linder wrote:
            
    > Rather than using another value for the "needsCleanup" variable, why
    > not use the test of the existance of "$tmpdir" as the value for your
    > "needsCleanup" value? I.e. replace "$needsCleanup" with a subroutine
    > that returns "true" if the "$tmpdir" exists? Is there a bad race
    > condition here?
            
            (Just to note, this is not my code.)
            
            Even if the $tmpdir exists, it may not be the one created by the script.
            
            I guess it could check to see if it is not a symlink. (But I think the
            trap should just be done after it is safely created.)
            
            And the "rm -f $tmpdir/*" cleanup potentially can happen before the script
            safely attempts to create its own tmpdir.
            
               Jeremy C. Reed
               http://bsd.reedmedia.net/
            
            ------------------------------------------------------------------------
                 To unsubscribe email security-discuss-request@linuxsecurity.com
                     with "unsubscribe" in the subject of the message.
            
            

    N‹§²æìr¸›y隊[rêâ·'b±Ë¬²·ª¹ë-–)îÆÇœº¸­ÉÊ&Â+aº{.nÇ+‰·¢žØ^²æãyËh~Ø^™ë,

  • Next message: Brian Hatch: "Re: tmp issues: trap before making safe tmp and no change directory"