Re: More into /etc/rc.d/jail

From: Stefan Bethke (stb_at_lassitu.de)
Date: 08/10/05

  • Next message: Sam Leffler: "Re: Hifn driver in SMP (was Re: GELI - disk encryption GEOM class committed.)" 
    Date: Wed, 10 Aug 2005 00:21:17 +0200
To: "Simon L. Nielsen" <simon@FreeBSD.org>

    Am 10.08.2005 um 00:08 schrieb Simon L. Nielsen:

    > On 2005.08.09 23:30:26 +0200, Stefan Bethke wrote:
    >
    >> sed -e 's/#.*$//' <${mdconfig_conf} |grep -v '^[[:space:]]*$'
    >> >/tmp/mdconfig.$$
    >
    > Try searching the web for "temporary file symlink attack"... (hint:
    > creating temorary files like that is bad, use mktemp).

    Again, thanks for the hint. This was meant as a starting point; it
    was hacked together as a stop-gap measure in twenty minutes. (And has
    persisted over six months now...)

    As to the actual problem:
    - It should run late in the startup sequence, so cleantmp should have
    run.
    - I cribbed the use directly off some other script... let's see...
    ah, it's /etc/rc.d/jail.
    - The host for all the jails should be inaccessible for anyone except
    myself and my admin colleague. (And yes, there's no services running
    there apart from sshd.)

    I would be more than happy for someone else taking this script,
    polishing it, and getting it committed, so I don't have to rememeber
    not nuking it on the next mergemaster :-)

    Cheers,
    Stefan 

    -- 
Stefan Bethke <stb@lassitu.de>   Fon +49 170 346 0140
_______________________________________________
freebsd-current@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscribe@freebsd.org"
  • Next message: Sam Leffler: "Re: Hifn driver in SMP (was Re: GELI - disk encryption GEOM class committed.)"

    Relevant Pages

    • Re: More into /etc/rc.d/jail
      ... On 2005.08.10 00:21:17 +0200, Stefan Bethke wrote: ... >>creating temorary files like that is bad, use mktemp). ... > Again, thanks for the hint. ...
      (freebsd-current)
    • Quest for HEX Strings
      ... maybe somebody can give me a hint how to solve this Problem. ... write a script that can recover files from malformed Mails. ... Now I want to create a script wre I can automate this task. ... will place all the Header to an Array and than I want to grep for them ...
      (de.comp.lang.perl.misc)
    • Re: Self-removing temp files
      ... > typeset -i numtemp i ... > typeset -xf mktemp ... the EXIT trap in the function is executed when the ... > function call ends and not when the calling script ends. ...
      (comp.unix.shell)
    • Re: Debian MySQL Perl DBI - connection terminates unexpectedly after 100 secs.
      ... I rather guess it was a gentle hint that your problem description ... to catch e.g. script that run in an endless loop. ... If you are using Apache it might be a RLimitCPU ... files of the web server will give you some more hints. ...
      (comp.lang.perl.misc)
    • Re: Execution Plan Hinting
      ... someone a hint at what is going wrong. ... I couldn't recreate your problem running this script from Query Analyzer. ... PRIMARY KEY constraint 'PK_FIELD_VALUES'. ...
      (comp.databases.ms-sqlserver)