There are currently at least two problems with maketempfile. Firstly, there is a race in the following constrct:
rm -f "$F"; touch "$F" As an attacker could potitinally create a symlink to "$F" between the call to rm and the call to touch. Secondly the use of $RANDOM appears to be a bashism. On dash its usage in BasicSanityCheck appears to evaluate to the empty string. See Debian Bug #489607, http://bugs.debian.org/489607 On Linux systems BasicSanityCheck already relies on @MKTEMP@ being present by using @MKTEMP@ -d directly. So this patch simply takes the approach of removing maketempfile and always calling $MKTEMP directly. The patch also makes sure that the return value is checked and the script exits cleanly if an error occurs. If we really are worried about systems that don't have mktemp, then I suggest making a robust version of maketempfile based on mkdir and using it always - if it is robust then there is no reason not to. For a discussion of creating mktemp in shell see http://www.linuxsecurity.com/content/view/115462/81/ Signed-off-by: Simon Horman <[EMAIL PROTECTED]> Index: heartbeat/heartbeat/lib/BasicSanityCheck.in =================================================================== --- heartbeat.orig/heartbeat/lib/BasicSanityCheck.in 2008-08-06 15:04:04.000000000 +1000 +++ heartbeat/heartbeat/lib/BasicSanityCheck.in 2008-08-06 15:14:55.000000000 +1000 @@ -64,35 +64,11 @@ SIGLIST="0 1 2 3 6 15" errcount=0 -# Make temp files the paranoid way... -maketempfile() { -# -# Use mktemp if we have it, otherwise... -# -# Construct a difficult-to-guess filename if we don't -# Make sure non-mktemp files can't be subverted -# $RANDOM is not strictly necessary, but nice to have... -# - if - test "x$MKTEMP" != "x" \ - && F=`$MKTEMP /tmp/lha-XXXXXX` && [ ! -z "$F" -a -f "$F" ] - then - echo $F - else - while - echo >/dev/null & - F=/tmp/lha-${RANDOM}-$$-$! - rm -f "$F"; touch "$F" - # Try again if we don't own it, or it's a symlink - # Or somehow not a regular file... - $TESTPROG ! -O "$F" -o -L "$F" -o ! -f "$F" - do - : Try again... - done - echo $F - fi -} -LOGFILE=`maketempfile` +if test "x$MKTEMP" != "x"; then + echo "error: mktemp command does not exist" + exit 1 +fi +LOGFILE=`$MKTEMP /tmp/lha-XXXXXX` || exit 1 cd $HADIR ulimit -c unlimited @@ -985,7 +961,7 @@ TestRA() { fi if [ `uname -s` = 'Linux' ]; then - [EMAIL PROTECTED]@ -d /tmp/lha-dir-XXXXXXXXXXX` + MNT_DIR=`$MKTEMP -d /tmp/lha-dir-XXXXXXXXXXX` || exit 1 echo "Testing RA: Filesystem" | tee -a $LOGFILE $OCF_TESTER -o device=/dev/null -o fstype=proc -o directory=$MNT_DIR \ -n DemoFS $RADIR/Filesystem >>$LOGFILE 2>&1 _______________________________________________________ Linux-HA-Dev: [email protected] http://lists.linux-ha.org/mailman/listinfo/linux-ha-dev Home Page: http://linux-ha.org/
