Re: SECURITY PROBLEM: autofs [all versions]

[David Starner <dvdeug@x8b4e53cd.dhcp.okstate.edu>]

On Wed, Jul 05, 2000 at 09:26:55AM +0200, Thomas 'Mike' Michlmayr wrote:
> On Tue, Jul 04, 2000 at 12:11:01 -0500,
> David Starner <dvdeug@x8b4e53cd.dhcp.okstate.edu> wrote:
> [...]
> > The
> > correct way to handle is to hack the init.d script not to run it. Pretty
> > much any other way is wrong. 
> 
> this is not correct. if i put an "exit 0" in front of the init.d script, i
> can't start the daemon manually, which is what i might want to do from time
> to time. so "to hack the init.d script not to run" certainly ain't the
> correct way.
	
Then don't use exit 0. I'm not a Unix Guru, but it didn't take me that long
to come up with this for /etc/init.d/gdm last time I needed it.

case "$1" in
  start)
#       echo -n "Starting $DESC: "
#       start-stop-daemon --start --quiet --pidfile /var/run/$NAME.pid --exec $DAEMON
#       echo "$NAME."
        ;;
  stop)
        echo -n "Stopping $DESC: "
        start-stop-daemon --stop  --quiet --pidfile /var/run/$NAME.pid
        echo "$NAME."
        ;;
  #reload)
        #
        #       If the daemon can reload its config files on the fly
        #       for example by sending it SIGHUP, do it here.
        #
        #       If the daemon responds to changes in its config file
        #       directly anyway, make this a do-nothing entry.
        #
        # echo "Reloading $DESC configuration files."
        # start-stop-daemon --stop --signal 1 --quiet --pidfile \
        #       /var/run/$NAME.pid --exec $DAEMON
  #;;
  restart|force-reload)
        #
        #       If the "reload" option is implemented, move the "force-reload"
        #       option to the "reload" entry above. If not, "force-reload" is
        #       just the same as "restart".
        #
        $0 stop
        sleep 1
        $0 really-start
        ;;
  really-start)
        echo -n "Starting $DESC: "
        start-stop-daemon --start --quiet --pidfile /var/run/$NAME.pid --exec $DAEMON
        echo "$NAME."
        ;;
  *)
        N=/etc/init.d/$NAME
        # echo "Usage: $N {start|stop|restart|reload|force-reload}" >&2
        echo "Usage: $N {start|stop|restart|force-reload|really-start}" >&2
        exit 1
        ;;
esac

-- 
David Starner - dstarner98@aasaa.ofe.org
http/ftp: x8b4e53cd.dhcp.okstate.edu
"A dynamic character with an ability to survive certain death and 
a questionable death scene leaving no corpse? Face it, we'll never
see her again." - Sluggy Freelance