severity 330627 grave
thanks

I'm sorry, I inadvertently miscategorized the bug as critical in the previous message because I thought this was related to the package installation. This bug does not affect users on installation, only on running the cronjob.

> $RKHUNTER --cronjob --report-warnings-only > /tmp/$$
>
> If I am not mistaken this command poses a security risk for
> the system because it allows a symlink attack.
>
> Using the following commands instead would solve the problem:
>
> OUTFILE=`mktemp ` || exit 1
> $RKHUNTER --cronjob --report-warnings-only > $OUTFILE

Thanks for the report, however, this causes other breakage in the cronjob, because elsewhere the script references /tmp/$$:

if [ $(stat -c %s /tmp/$$) -ne 0 ]; then
  cat /tmp/$$ | mail -s "[rkhunter] Daily run" root
fi
rm -f /tmp/$$

So a more complete fix would be:

- - $RKHUNTER --cronjob --report-warnings-only > /tmp/$$
- - if [ $(stat -c %s /tmp/$$) -ne 0 ]; then
- - cat /tmp/$$ | mail -s "[rkhunter] Daily run" root
+ OUTFILE=`mktemp` || exit 1
+ $RKHUNTER --cronjob --report-warnings-only > $OUTFILE
+ if [ $(stat -c %s $OUTFILE) -ne 0 ]; then
+ cat $OUTFILE | mail -s "[rkhunter] Daily run" root
 fi
- - rm -f /tmp/$$
+ rm -f $OUTFILE

Micah
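
Review bot: in the added lines `$OUTFILE` is expanded unquoted in the redirect and in the `stat`, `cat` and `rm -f` calls, and the file is deleted only by the final `rm -f $OUTFILE`, so a run that is killed or exits between the `mktemp` line and the last line leaves the report file behind. Quote each expansion as `"$OUTFILE"` and register a cleanup `trap` that removes `"$OUTFILE"` directly after the `mktemp` line. The `stat -c %s` size test and the `cat ... | mail` pipe could also become `[ -s "$OUTFILE" ]` and `mail -s "[rkhunter] Daily run" root < "$OUTFILE"`.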
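
The difference between the two patterns discussed in this message, as an added example that is not part of the original email or of rkhunter's cron script. The function names, the scratch directory (standing in for /tmp) and the fixed name 12345 (standing in for `$$`) are assumptions made for the demo.

```shell
#!/bin/sh
# Constructed demo: everything happens inside a private scratch directory
# that stands in for a world-writable /tmp. All names are hypothetical.

# Old pattern: write the report to a name that can be predicted in advance.
write_predictable() {   # $1 = scratch dir, $2 = predictable name
    echo "scan report" > "$1/$2"
}

# Patched pattern: mktemp picks an unpredictable name and creates the file
# exclusively, so it never reuses an existing path. Prints the new path.
write_mktemp() {        # $1 = scratch dir
    out=$(mktemp "$1/rkhunter.XXXXXX") || return 1
    echo "scan report" > "$out"
    printf '%s\n' "$out"
}

# Prints the content of the "protected" file after the chosen pattern has run
# in a scratch dir where the predictable name already exists as a symlink.
demo() {                # $1 = "predictable" or "mktemp"
    dir=$(mktemp -d) || return 1
    echo "original" > "$dir/protected"
    ln -s "$dir/protected" "$dir/12345"   # pre-existing link at the guessed name
    case $1 in
        predictable) write_predictable "$dir" 12345 ;;
        mktemp)      write_mktemp "$dir" >/dev/null ;;
    esac
    cat "$dir/protected"
    rm -rf "$dir"
}

demo predictable   # the redirect followed the link into the protected file
demo mktemp        # the protected file is untouched
```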