Bugtraq mailing list archives
Re: FSA-99.04-IPFILTER-v3.2.10
From: avalon () COOMBS ANU EDU AU (Darren Reed)
Date: Fri, 16 Apr 1999 09:10:18 +1000
In some mail from 0x1c, sie said:
The author (Darren Reed) was notified about this problem early April. I believe it has been fixed in the latest version.
[...]
Do not place lockfiles in /tmp. Each flavor listed above has a specific directory for such files, ie, "/var/run" in FreeBSD, OpenBSD, and NetBSD. When opening these files, use open with O_EXCL and fdopen, rather than fopen.
The files which have data written to are not lockfiles so placing them under /var/run could be considered inappropriate. For those who actually make use of the feature and/or feel they need a patch to correctly address this situation (they do testing as root on systems where unfriendly users are likely to be present and hanging out waiting for root to possibly do something like this), see below. Darren Index: ip_fil.c =================================================================== RCS file: /devel/CVS/IP-Filter/ip_fil.c,v retrieving revision 2.0.2.44.2.17 retrieving revision 2.0.2.44.2.18 diff -c -r2.0.2.44.2.17 -r2.0.2.44.2.18 *** ip_fil.c 1999/03/15 11:51:57 2.0.2.44.2.17 --- ip_fil.c 1999/04/11 10:42:36 2.0.2.44.2.18 *************** *** 1126,1147 **** ip_t *ip; { # endif - FILE *fp; char fname[32]; # if (defined(NetBSD) && (NetBSD <= 1991011) && (NetBSD >= 199606)) || \ (defined(OpenBSD) && (OpenBSD >= 199603)) sprintf(fname, "/tmp/%s", ifp->if_xname); - if ((fp = fopen(fname, "a"))) { - fclose(fp); - } # else sprintf(fname, "/tmp/%s%d", ifp->if_name, ifp->if_unit); - if ((fp = fopen(fname, "a"))) { - fwrite((char *)ip, ntohs(ip->ip_len), 1, fp); - fclose(fp); - } # endif return 0; } --- 1126,1147 ---- ip_t *ip; { # endif char fname[32]; + int fd; # if (defined(NetBSD) && (NetBSD <= 1991011) && (NetBSD >= 199606)) || \ (defined(OpenBSD) && (OpenBSD >= 199603)) sprintf(fname, "/tmp/%s", ifp->if_xname); # else sprintf(fname, "/tmp/%s%d", ifp->if_name, ifp->if_unit); # endif + fd = open(fname, O_WRONLY|O_APPEND); + if (fd == -1) { + perror("open"); + return -1; + } + write(fd, (char *)ip, ntohs(ip->ip_len)); + close(fd); return 0; } *************** *** 1204,1227 **** void init_ifp() { - FILE *fp; struct ifnet *ifp, **ifa; char fname[32]; # if (defined(NetBSD) && (NetBSD <= 1991011) && (NetBSD >= 199606)) || \ (defined(OpenBSD) && (OpenBSD >= 199603)) for (ifa = ifneta; ifa && (ifp = *ifa); ifa++) { ifp->if_output = write_output; sprintf(fname, "/tmp/%s", ifp->if_xname); ! if ((fp = fopen(fname, "w"))) ! fclose(fp); } # else for (ifa = ifneta; ifa && (ifp = *ifa); ifa++) { ifp->if_output = write_output; sprintf(fname, "/tmp/%s%d", ifp->if_name, ifp->if_unit); ! if ((fp = fopen(fname, "w"))) ! fclose(fp); } # endif } --- 1204,1234 ---- void init_ifp() { struct ifnet *ifp, **ifa; char fname[32]; + int fd; + # if (defined(NetBSD) && (NetBSD <= 1991011) && (NetBSD >= 199606)) || \ (defined(OpenBSD) && (OpenBSD >= 199603)) for (ifa = ifneta; ifa && (ifp = *ifa); ifa++) { ifp->if_output = write_output; sprintf(fname, "/tmp/%s", ifp->if_xname); ! fd = open(fname, O_WRONLY|O_CREAT|O_EXCL, 0600); ! if (fd == -1) ! perror("open"); ! else ! close(fd); } # else for (ifa = ifneta; ifa && (ifp = *ifa); ifa++) { ifp->if_output = write_output; sprintf(fname, "/tmp/%s%d", ifp->if_name, ifp->if_unit); ! fd = open(fname, O_WRONLY|O_CREAT|O_EXCL, 0600); ! if (fd == -1) ! perror("open"); ! else ! close(fd); } # endif }
Current thread:
- Re: FlowPoint ADSL Reported Problem David Brumley (Apr 14)
- Re: FlowPoint ADSL Reported Problem Philip Rakity (Apr 14)
- FSA-99.04-IPFILTER-v3.2.10 0x1c (Apr 15)
- Re: FlowPoint ADSL Reported Problem Chris Shenton (Apr 15)
- Re: FSA-99.04-IPFILTER-v3.2.10 Darren Reed (Apr 15)