On Thu, 2007-04-26 at 23:52, Ira Weiny wrote:
> On Thu, 26 Apr 2007 19:47:04 -0700
> Roland Dreier <[EMAIL PROTECTED]> wrote:
>
> > > > I'm sorry, I'm not familiar with the code.
> > > > I was just saying that using /tmp/ibnetdiscover.topology is clearly
> > > > a security risk since /tmp is world-writeable. Isn't it?
> > >
> > > However, I think the risk is pretty low. The scripts only use this information
> > > to report other information about the subnet. The only damage would be if an
> > > admin misinterpreted this information and did something bad to the net.
> >
> > You're not being devious enough. Look up "symlink attack" to see one
> > idea of something evil that an attacker could do.
>
> Ok, you scared me. ;-) How about the following patch? Would an autoconf
> option be better?
>
> Ira
>
>
> From 4f3c4c69bf7920284ea9894246abc540b4d99cfb Mon Sep 17 00:00:00 2001
> From: Ira K. Weiny <[EMAIL PROTECTED]>
> Date: Thu, 26 Apr 2007 20:40:50 -0700
> Subject: [PATCH] Remove all uses of "/tmp" from perl diags
>
> Remove all the uses of /tmp for cached application data. Replace with a
> global defined to /var/cache/infiniband-diags.
>
> Signed-off-by: Ira K. Weiny <[EMAIL PROTECTED]>

Thanks. Applied (to both master and ofed_1_2).

-- Hal

_______________________________________________
general mailing list
[email protected]
http://lists.openfabrics.org/cgi-bin/mailman/listinfo/general

To unsubscribe, please visit http://openib.org/mailman/listinfo/openib-general
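
Added example, not part of the original thread or of the infiniband-diags code (and in Python rather than the Perl of the diag scripts): it shows why a plain write to a predictable name such as ibnetdiscover.topology is risky in a shared directory, beside a hardened write. The function names, the victim.conf file and the temp-dir scenario are constructed for illustration.

```python
import os
import stat
import tempfile
from pathlib import Path

def write_unsafe(path, data):
    """Plain open-for-write: follows a symlink planted at `path`."""
    with open(path, "w") as f:
        f.write(data)

def write_safe(cache_dir, name, data):
    """Write cache_dir/name without following symlinks or trusting a shared dir."""
    st = os.lstat(cache_dir)
    if not stat.S_ISDIR(st.st_mode) or st.st_uid not in (0, os.geteuid()):
        raise PermissionError(f"{cache_dir}: not a directory we or root own")
    if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
        raise PermissionError(f"{cache_dir}: writable by other users")
    final = os.path.join(cache_dir, name)
    tmp = f"{final}.{os.getpid()}.tmp"
    # O_EXCL fails if anything already exists at tmp; O_NOFOLLOW refuses a symlink there.
    fd = os.open(tmp, os.O_WRONLY | os.O_CREAT | os.O_EXCL | os.O_NOFOLLOW, 0o600)
    try:
        with os.fdopen(fd, "w") as f:
            f.write(data)
        os.replace(tmp, final)  # rename(2) replaces a planted link, not its target
    except BaseException:
        os.unlink(tmp)
        raise

def demo():
    """Constructed scenario inside a private temp dir; returns what happened."""
    root = Path(tempfile.mkdtemp())
    victim, cache = root / "victim.conf", root / "ibnetdiscover.topology"
    out = {}
    for label in ("unsafe", "safe"):
        victim.write_text("important")
        if os.path.lexists(cache):
            cache.unlink()
        cache.symlink_to(victim)  # link planted at the predictable name
        if label == "unsafe":
            write_unsafe(cache, "topology")
        else:
            write_safe(root, cache.name, "topology")
        out[label] = victim.read_text()
    os.chmod(root, 0o1777)  # directory now has /tmp-style permissions
    try:
        write_safe(root, cache.name, "topology")
    except PermissionError:
        out["world_writable_dir"] = "rejected"
    return out
```

Calling demo() shows the unsafe write overwriting the link target, the safe write leaving it untouched, and a directory with /tmp-style permissions being refused outright.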
