* Julien Cristau <jcris...@debian.org> [120302 14:31]:
> > I think the obsolete chown command should be removed (as said Tim), and
> > also the chmod should be replaced by a single atomic operation (using
> > "mkdir -m"). Those two things will avoid usages of dangerous commands
> > and then, reduce TOCTTOU risks.
> >
> I'm not convinced the chown can be removed.
> And 'mkdir -m 1777 foo' is not any more atomic than 'mkdir foo && chmod 1777
> foo'.

To be more precise: it is more atomic but not in a way that makes a
difference here.

> but so far I haven't seen a way to do that in shell, because chmod(1)
> doesn't have a --no-dereference option, and even if it did it doesn't
> look like I could safely detect whether to exit with failure or success.
>
> hmm, how about this:
>
> mkdir -p /tmp/.X11-unix
> chown -h root:root /tmp/.X11-unix
> stat=$(LC_ALL=C stat -c '%u %g %F' /tmp/.X11-unix)
> if [ "$stat" != '0 0 directory' ]; then
>     exit 1
> fi
> chmod 1777 /tmp/.X11-unix

If mkdir -p fails (it for example does if .X11-unix is a proper file or
a dangling symlink), one might refrain from issuing the following
commands.

Are there any kernel hardening patches that check ownership of symlinks?
If there are then changing the ownership of a /tmp/.X11-unix symlink
might actually introduce a problem similar to the one this was originally
trying to solve in those cases.

And I think if there is something else, it might make sense to try to
move it away again and try to create it again.

Bernhard R. Link
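
The two suggestions in the reply above (stop when mkdir fails, and move a foreign entry away before retrying) combined in one shell sketch. This is an added example, not code from the thread or from the Debian package: the function names and the `.moved.XXXXXX` quarantine name are hypothetical, it checks owner and type only, and it compares against the calling user's uid (0 when run by root at boot) so it can be tried unprivileged.

```shell
#!/bin/sh
# Added example: create a world-writable sticky directory without following
# or modifying anything another user planted at that path.
# ensure_sticky_dir, is_own_dir and the quarantine name are hypothetical.

# True only if $1 itself (not a symlink target) is a directory we own.
is_own_dir() {
    # GNU stat does not follow symlinks unless -L is given.
    [ "$(LC_ALL=C stat -c '%u %F' -- "$1" 2>/dev/null)" = "$(id -u) directory" ]
}

ensure_sticky_dir() {
    path=$1
    parent=$(dirname -- "$path")
    for attempt in 1 2 3; do
        # Plain mkdir (no -p) fails if anything already exists at $path,
        # including a dangling symlink, so success means we just created it.
        if mkdir -m 0755 -- "$path" 2>/dev/null || is_own_dir "$path"; then
            # In a sticky parent such as /tmp, other users cannot rename or
            # remove an entry we own, so $path still names the directory
            # that was just created or checked.
            chmod 1777 -- "$path" && return 0
            return 1
        fi
        # Something else is there: move the entry itself (mv does not follow
        # a symlink source) into a private 0700 directory and try again.
        quarantine=$(mktemp -d "$parent/.moved.XXXXXX") || return 1
        mv -- "$path" "$quarantine/" || return 1
    done
    return 1
}
```

Because a symlink at the path is moved aside rather than passed to chown or chmod, the ownership and mode of whatever it pointed at are never touched.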