[patch] Re: [PATCH] modules_install

Adam Sulmicki (adam@cfar.umd.edu)
Sun, 04 Oct 1998 18:51:15 -0400


Oliver Xymoron writes:

->> + rm -f /tmp/.misc.$$$$ /tmp/.allmods.$$$$; \
->> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
->> Umm, as I see it, it could create a potential security hole.

->You've only changed it from an obvious /tmp exploit to a race. Using /tmp
->in shell scripts or makefiles should probably be avoided.

Oops. Since it seems my half-assed fix made it into kernel-124, here is an
attempt to make a secure tmp dir for kernel tmp files. Ideally all tmp files
used by the kernel compile could be located there. Could people please
comment on it?

It does:
1) uses absolute pathnames
2) breaks if mkdir fails
so it should be secure.

-------------------------------------
--- Makefile-ORIG Sun Oct 4 16:26:28 1998
+++ Makefile Sun Oct 4 17:45:34 1998
@@ -316,11 +316,18 @@
if [ -f VIDEO_MODULES ]; then inst_mod VIDEO_MODULES video; fi; \
if [ -f FC4_MODULES ]; then inst_mod FC4_MODULES fc4; fi; \
\
- rm -f /tmp/.misc.$$$$ /tmp/.allmods.$$$$; \
- ls *.o > /tmp/.allmods.$$$$; \
- echo $$MODULES | tr ' ' '\n' | sort | comm -23 /tmp/.allmods.$$$$ - > /tmp/.misc.$$$$; \
- if [ -s /tmp/.misc.$$$$ ]; then inst_mod /tmp/.misc.$$$$ misc; fi; \
- rm -f /tmp/.misc.$$$$ /tmp/.allmods.$$$$; \
+ TMPDIR="/tmp/kernel.tmp.$$$$"; \
+ rm -rf $$TMPDIR; \
+ umask 022; \
+ mkdir $$TMPDIR; \
+ if [ $$? -ne 0 ]; then \
+ echo "$0: Can't create temp dir $$TMPDIR, exiting..."; \
+ exit 1; \
+ fi; \
+ ls *.o > $$TMPDIR/allmods; \
+ echo $$MODULES | tr ' ' '\n' | sort | comm -23 $${TMPDIR}/allmods - > $${TMPDIR}/misc; \
+ if [ -s $${TMPDIR}/misc ]; then inst_mod $${TMPDIR}/misc misc; fi; \
+ rm -rf $$TMPDIR; \
)

# modules disabled....
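
Review bot: `umask 022` ahead of `mkdir $$TMPDIR` creates the directory as mode 0755, so other local users can list it and read `allmods` and `misc`; `umask 077` would keep it private to the invoking user. The `mkdir` failure check is what protects against a pre-created path, so the `rm -rf $$TMPDIR` before it, run on a predictable PID-based name in /tmp, adds nothing to that guarantee and has whoever runs modules_install recursively deleting whatever another user placed there; consider dropping it and letting the failed `mkdir` abort. In the error message, `$0` is expanded by make (normally to an empty string) before the shell sees it and should be `$$0`, and the message belongs on stderr via `>&2`. `$$TMPDIR` is also unquoted in the `rm`, `mkdir` and `ls` redirection lines.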

-------------------------------------
