Greetings,

We've analyzed the points in the source tree that are referenced, and
have found that none of them are actually exercised in a Karmic default
eucalyptus running system.  More detail on each follows:

GLclient is a testing utility that doesn't get installed by the package (or a 
'make install' for that matter).
./gatherlog/GLclient.c: env = axutil_env_create_all("/tmp/fooh", AXIS2_LOG_LEVEL_TRACE);

install-sh is only used for building Eucalyptus.
./install-sh:    tmpdir=${TMPDIR-/tmp}/ins$RANDOM-$$

The function in 'storage.c' that uses these files is only used by 'test.c' in 
'storage/', which is a utility that is never installed.
./storage/storage.c:#define F1 "/tmp/improbable-cache-file-1"
./storage/storage.c:#define F2 "/tmp/improbable-cache-file-2"
./storage/storage.c:#define F3 "/tmp/improbable-cache-file-3"
./storage/storage.c:#define F4 "/tmp/improbable-cache-file-4"
./storage/storage.c:#define F5 "/tmp/improbable-cache-file-5"
./storage/storage.c:#define RM_CMD "rm -rf /tmp/improbable-cache-file-?"

CCclient is a debugging utility that is not installed.
./cluster/CCclient.c: env = axutil_env_create_all("/tmp/fofo", AXIS2_LOG_LEVEL_TRACE);

These two are never used for Karmic by default (which uses the handlers_kvm.c), 
unless a user installs Xen on their node controllers.  The first can be 
entirely removed (it is just there for debugging).  The second is actually, I 
believe, as unpredictable or more so than a file created with mktemp().  
Eucalyptus instanceIds are random unique ids of 8 hex characters ("i-ABCDEFGH" 
where A-H are hex values).
./tools/detach.pl:system("cp $virshxmlfile /tmp/wtf");
./node/handlers_xen.c: snprintf(filename, 1024, "/tmp/consoleOutput.%s", instanceId);

The httpd*.conf that ends up actually being used has this value set to '/' 
instead of '/tmp'.  The init script(s) actually replace this with '/'.
./debian/patches/var_lib_eucalyptus.diff: HTTPD_HOME="/tmp/"
./tools/httpd.conf:ServerRoot "/tmp"

This tool is never installed.
./tools/euca_watchdog.pl:our $chkpt_file = "/tmp/euca_watchdog.checkpoint";

-- 
uses unsafe /tmp files
https://bugs.launchpad.net/bugs/445105
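
For the `/tmp/consoleOutput.%s` pattern quoted from handlers_xen.c above, this is an added example (not part of the message and not Eucalyptus code) of creating such a file so that a name already present at the path is refused rather than followed. The helper names, the private demo directory and the instance id `i-12345678` are constructed assumptions.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Hypothetical hardened helper. Builds <dir>/consoleOutput.<instance_id>
 * and creates it exclusively: O_EXCL fails with EEXIST if anything, even a
 * symlink, is already there; O_NOFOLLOW and mode 0600 add defence in depth. */
int open_console_file(const char *dir, const char *instance_id,
                      char *path, size_t len)
{
    int n = snprintf(path, len, "%s/consoleOutput.%s", dir, instance_id);
    if (n < 0 || (size_t)n >= len) { errno = ENAMETOOLONG; return -1; }
    return open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
}

/* Constructed scenario in a private mkdtemp() directory: a symlink is
 * already sitting at the predictable name. Returns 1 when the helper
 * refuses it and the link target is left untouched, 0 otherwise. */
int symlink_is_refused(void)
{
    char dir[] = "/tmp/console-demo.XXXXXX";
    char target[128], path[128], buf[16] = {0};
    int ok = 0;
    if (!mkdtemp(dir)) return 0;
    snprintf(target, sizeof target, "%s/target", dir);
    FILE *f = fopen(target, "w");
    if (f) { fputs("keep", f); fclose(f); }
    snprintf(path, sizeof path, "%s/consoleOutput.i-12345678", dir);
    if (f && symlink(target, path) == 0) {
        int fd = open_console_file(dir, "i-12345678", path, sizeof path);
        int err = errno;                 /* save before other calls */
        if (fd >= 0) close(fd);
        f = fopen(target, "r");
        if (f) { if (!fgets(buf, sizeof buf, f)) buf[0] = 0; fclose(f); }
        ok = (fd == -1 && err == EEXIST && strcmp(buf, "keep") == 0);
    }
    unlink(path); unlink(target); rmdir(dir);
    return ok;
}

int main(void)
{
    printf("pre-planted symlink refused: %s\n", symlink_is_refused() ? "yes" : "no");
    return 0;
}
```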