On 2013/08/28 14:50, Craig R. Skinner wrote:
> It's part of the deliberate design concept to use predictable names as
> the tool caches blacklists. If during the next run there are temporary
> networking errors, the currently running instance can reuse previously
> cached data.

If that's the case, they should go in a private directory which
is not world-writable, something under /var/db would be appropriate.

> As the blacklists are (mostly) publicly available, I thought /var/tmp
> was sufficient.

Then I think you miss the point of the problem with predictable filenames.
Consider the scenario where an attacker creates a link pointing at
some file he would like to be overwritten.

> The locks also need to have predictable names as each time spamd-setup
> is run by cron, it exec's a new instance for each blacklist. There is no
> persistent process to use any IPC.
> 
> After reading the CERT URL, I realise an attacker might be able to alter
> the blacklists.... OK. I could default to using /var/[spool/]${DISTNAME}
> for everything, and also check for stale files internally, rather than
> rely on daily(8).

For locks, ports/sysutils/flock is very useful.

> Quick question;- should tools log in /var/log, or their own sub dir
> (e.g. apache, squid)? I chose to append failed $(mktemp) logs to
> /var/tmp/${DISTNAME}.log as any transient networking errors are
> inconsequential after a couple of days, by which time daily(8) will have
> deleted the log. A newsyslog(8) entry seemed OTT for a seldom used log.

syslog (via logger(1)) is good for 1-line status information. As it's run
from cron, maybe output errors/more information to stdout or stderr, so
people can decide whether or not to redirect it (in which case, it's
probably best if a successful run is silent).

> > ... retrieved=$(print ${url} | sed 's/[`??!"$%^&*()+=:;@~#\|?/<>,]/_/g')
> > 
> > Keep known-good characters, rather than try and strip out bad
> > characters. A hash of the URL might be more appropriate.
> > 
> 
> OK. I did it that way to make the cache human readable for any manual
> administration:
> 
> $ ls /var/tmp/spamd-setup-downloader
> psbl-mirror.surriel.com__psbl_psbl.txt
> rsync-mirrors.uceprotect.net__RBLDNSD-ALL_dnsbl-1.uceprotect.net
> www.bsdly.net__peter_bsdly.net.traplist
> www.bsdly.net__peter_bsdly.net.traplist~
> www.openbsd.org_spamd_nixspam
> www.openbsd.org_spamd_nixspam.gz
> www.openbsd.org_spamd_nixspam.gz~
> www.openbsd.org_spamd_traplist
> www.openbsd.org_spamd_traplist.gz
> www.openbsd.org_spamd_traplist.gz~

If you're not too concerned about multiple URLs getting squashed to the
same string, you could do something like "tr -c '[a-zA-Z0-9,.]' _"
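To make the two suggestions in this thread concrete (a keep-list of known-good characters plus a hash so squashed URLs don't collide, and a cache directory that is private rather than in world-writable /var/tmp), here is an added illustration in POSIX sh. It is not spamd-setup's code or anything from the port; the /var/db path in the usage comment is only an assumed example location.

```sh
#!/bin/sh
# Added illustration (not spamd-setup's own code): derive a cache filename from a
# URL by keeping only known-good characters, then append a short digest so two
# URLs that squash to the same string still get distinct files.

url_digest() {
    # Short hex digest of the URL; prefers sha256sum (GNU), then OpenBSD sha256,
    # and falls back to cksum's CRC if neither is present.
    if command -v sha256sum >/dev/null 2>&1; then
        printf '%s' "$1" | sha256sum | cut -c1-8
    elif command -v sha256 >/dev/null 2>&1; then
        printf '%s' "$1" | sha256 -q | cut -c1-8
    else
        printf '%s' "$1" | cksum | cut -d' ' -f1
    fi
}

cache_name_for_url() {
    # Keep-list approach: letters, digits, ',' and '.' survive, everything else
    # (including '/' and ':') becomes '_'. printf without a newline so no
    # trailing '_' is produced.
    safe=$(printf '%s' "$1" | tr -c 'a-zA-Z0-9,.' '_')
    printf '%s_%s\n' "$safe" "$(url_digest "$1")"
}

ensure_private_cache_dir() {
    # Create the cache directory with mode 0700 if it is missing, and refuse a
    # symlink, a directory we do not own, or one writable by group/other
    # (which is what makes /var/tmp a poor home for predictable names).
    dir=$1
    [ -L "$dir" ] && return 1
    [ -d "$dir" ] || mkdir -m 0700 "$dir" || return 1
    [ -O "$dir" ] || return 1
    perms=$(ls -ld "$dir" | cut -c1-10)
    case $perms in
        ?????w*|????????w*) return 1 ;;
    esac
    return 0
}

# Usage sketch (the path is an assumed example, not the port's real layout):
#   ensure_private_cache_dir /var/db/spamd-setup-downloader || exit 1
#   f=/var/db/spamd-setup-downloader/$(cache_name_for_url "$url")
```

Note that `tr -c 'a-zA-Z0-9,.' '_'` drops the brackets from the quoted form, since to tr they would be literal characters added to the keep-list.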
