Hi,
In security level config, there is a potentially
dangerous problem.
1) the output of the 'mktemp' command is not tested,
2) the system tries to copy the config file (i.e.
/etc/inittab, etc.) in the temporary file
which already exists but does not force the copy.
The copy aborts and the temporary file is empty.
The original config file is delete.
Solution :
1) replace :
mktemp /tmp/secure.XXXXXX
by
mktemp /tmp/secure.XXXXXX || exit 1
2) replace :
cp /etc/inittab ${tmpfile}
cp ${file} ${tmpfile}
cp /etc/${file} ${tmpfile}
cp /etc/lilo.conf ${tmpfile}
by
cp -f /etc/inittab ${tmpfile}
cp -f ${file} ${tmpfile}
cp -f /etc/${file} ${tmpfile}
cp -f /etc/lilo.conf ${tmpfile}
Regards,
Yann
--
Ionix Services, les services r�seaux d'aujourd'hui
http://www.ionix-services.com/
Tel 04 76 70 64 24
Fax 04 76 70 64 25
