Package: ksmserver Version: 4:3.3.2-1 Priority: normal Tags: security The default startkde script provided with KDE does not seem to check any exit values for lnusertemp:
165 # Link "tmp" resource to directory in /tmp
166 # Creates a directory /tmp/kde-$USER and links $KDEHOME/tmp-$HOSTNAME
to 166 it.
167 lnusertemp tmp >/dev/null
168
169 # Link "socket" resource to directory in /tmp
170 # Creates a directory /tmp/ksocket-$USER and links
$KDEHOME/socket-$HOST 170 NAME to it.
171 lnusertemp socket >/dev/null
172
173 # Link "cache" resource to directory in /var/tmp
174 # Creates a directory /var/tmp/kdecache-$USER and links
$KDEHOME/cache-$ 174 HOSTNAME to it.
175 lnusertemp cache >/dev/null
There are several reasons this is not correct, the most important being
that if /tmp (or /var/tmp) are full and lnusertemp cannot do it's job
(create a directory there), the startkde will happily keep on working even
though the needed symlinks are not going to be there.
IMHO the exit status of all of these actions should be tested, how about
the attached patch to improve over the existing script? (it also includes a
useful comment on how to prevent user files from ending up in /tmp or
/var/tmp since KDE does not honor $TMPDIR)
Regards
Javier
--- startkde.orig 2005-01-25 00:48:59.000000000 +0100
+++ startkde 2005-01-25 00:51:18.000000000 +0100
@@ -162,20 +162,23 @@
export GS_LIB
fi
-# Link "tmp" resource to directory in /tmp
-# Creates a directory /tmp/kde-$USER and links $KDEHOME/tmp-$HOSTNAME to it.
-lnusertemp tmp >/dev/null
-
-# Link "socket" resource to directory in /tmp
-# Creates a directory /tmp/ksocket-$USER and links $KDEHOME/socket-$HOSTNAME
to it.
-lnusertemp socket >/dev/null
-
-# Link "cache" resource to directory in /var/tmp
-# Creates a directory /var/tmp/kdecache-$USER and links
$KDEHOME/cache-$HOSTNAME to it.
-lnusertemp cache >/dev/null
-
-# In case of dcop sockets left by a previous session, cleanup
-dcopserver_shutdown
+# Link "tmp" "socket" and "cache" resources to directory in /tmp
+# Creates:
+# - a directory /tmp/kde-$USER and links $KDEHOME/tmp-$HOSTNAME to it.
+# - a directory /tmp/ksocket-$USER and links $KDEHOME/socket-$HOSTNAME to it.
+# - a directory /var/tmp/kdecache-$USER and links $KDEHOME/cache-$HOSTNAME to
it.
+# Note: temporary locations can be overriden through the KDETMP and KDEVARTMP
+# environment variables
+if [ ! -x "`which lnusertemp`" ] ; then
+ echo "Cannot find or run lnusertemp, aborting" >&2
+ exit 1
+fi
+for resource in tmp cache socket; do
+ if ! lnusertemp $resource >/dev/null; then
+ echo "Call to lnusertemp didn't succeed (temporary directories
full?), aborting" >&2
+ exit 1
+ fi
+done
echo 'startkde: Starting up...' 1>&2
signature.asc
Description: Digital signature
