
Bug#661627: Avoid /tmp ?
As far as the short-term solution to this problem goes, how about
this (untested)?


# Move anything that is not a directory out of the way, as the script
# already does.  Variables are quoted so a path with spaces or globbing
# characters cannot change the meaning of the test or of mv.
if [ -e "$SOCKET_DIR" ] && [ ! -d "$SOCKET_DIR" ]; then
    mv "$SOCKET_DIR" "$SOCKET_DIR.$$" || exit $?
fi
# Now either nothing exists at that name or it is a directory.  If nothing
# exists, create it; mkdir fails (and we exit) if something appears in
# between.
if [ ! -e "$SOCKET_DIR" ]; then
    mkdir "$SOCKET_DIR" || exit $?
    chown root:root "$SOCKET_DIR"
    chmod 1777 "$SOCKET_DIR"
fi


First move other types of files out of the way, as before (is this
even necessary?).  After that, we should have either no SOCKET_DIR or
a directory by that name we have created previously.  If it doesn't
exist as a directory, create it.

If something by that name suddenly appears in the race after our
second existence test, then fail, since someone is clearly doing some
hanky-panky. Otherwise, we should own the file and there shouldn't be
a risk.  I realize that the "|| exit $?" items are redundant given the
script's "set -e", but I like to see things explicit when security
matters, since some future maintainer might accidentally remove the
"set -e" for seemingly unrelated reasons.

Note that the "chown root:root $SOCKET_DIR" also seems redundant to me
(if we didn't already own it, we would have bigger problems, right?).

tim
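The following is an added example, not the script from the bug report and not Tim's code. It shows one way to get the "create it, or fail if someone else got there first" behaviour discussed above without a separate existence test: `mkdir -m 1777` creates the directory with its final mode in one step, and the result is then verified (not a symlink, a real directory, owned by the caller, mode exactly 1777) before the script proceeds. The function name `ensure_socket_dir` is an assumption, and `stat -c` is GNU coreutils syntax.

```shell
#!/bin/sh
# Added example (not code from the bug report).  Prepare a world-writable,
# sticky socket directory without a check-then-create window.
#
#   ensure_socket_dir DIR   -> 0 if DIR is now a real directory we own
#                              with mode 1777, non-zero otherwise
set -e

ensure_socket_dir() {
    sockdir=$1

    # A symlink, or any existing non-directory, is moved aside as in the
    # original proposal.  -L is tested first because -e and -d follow
    # symlinks: a symlink to a directory would otherwise pass as a directory.
    if [ -L "$sockdir" ] || { [ -e "$sockdir" ] && [ ! -d "$sockdir" ]; }; then
        mv "$sockdir" "$sockdir.$$" || return 1
    fi

    # Always attempt the create.  mkdir -m sets the mode atomically with
    # creation (independent of umask) and fails if anything already exists
    # at the path, so there is no window between "does it exist" and
    # "create it".  Whether mkdir succeeded or not, the checks below decide.
    mkdir -m 1777 "$sockdir" 2>/dev/null || :

    # The final state must be a real directory (not a symlink), owned by the
    # calling user, with exactly the sticky, world-writable mode.  A
    # directory that appeared in the race and is owned by someone else, or
    # a pre-existing directory with a weaker mode, is refused rather than
    # silently reused.  (stat -c is GNU coreutils specific.)
    [ ! -L "$sockdir" ] && [ -d "$sockdir" ] || return 1
    [ "$(stat -c %u "$sockdir")" = "$(id -u)" ] || return 1
    [ "$(stat -c %a "$sockdir")" = 1777 ] || return 1
    return 0
}

# Usage: sh ensure_socket_dir.sh /path/to/socket-dir
if [ $# -eq 1 ]; then
    ensure_socket_dir "$1" && echo "ok: $1" || { echo "refusing to use $1" >&2; exit 1; }
fi
```

Because the mode is set by `mkdir` itself, there is no moment at which the directory exists with the umask default mode, and because ownership and mode are checked on the final path rather than assumed from the branch taken, the script's behaviour does not depend on which of the two interleavings happened.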
