Serious softupdate security problem
Per Foreby
perf at ddg.lth.se
Tue Nov 21 15:57:29 CET 2006
$target seems to create problems in cfengine scripts when doing
softupdates. Cfengine doesn't like the double slashes, maybe because it
triggers the Windows file syntax.
I'm using fai-client 2.10.5 (sarge) and this happens if I run
"fai softupdate":
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
scripts/FAIBASE/40-misc (copied from examples):
directories:
any::
${target}/tmp mode=1777 owner=0 group=0
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
cfengine.log:
MakePath(//tmp)
cfengine: / had permission 755, changed it to 1777
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
$ ls -ld /
drwxrwxrwt 27 root root 4096 2006-11-21 14:29 /
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Something like this in fai-do-scripts should solve this problem:
oldtarget=$target
target=`echo $target | sed 's/^\/$//'`
./$file -K -v -f $file -D${cfclasses} >> $LOGDIR/cfengine.log 2>&1
target=$oldtarget
I would imagine that the same problem exists with cfagent, but I haven't
tested it.
/Per
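
An added example, not part of the original post or of FAI's own code: a POSIX shell sketch of the normalization proposed above, generalized to strip any trailing slash so that "${target}/tmp" never begins with "//", plus a post-run check for the world-writable root directory shown in the ls output. The helper names cf_prefix, expand_path and is_world_writable are hypothetical, and the sample targets are constructed.

```shell
#!/bin/sh
# Added example; cf_prefix, expand_path and is_world_writable are
# hypothetical helper names, not FAI or cfengine functions.

# Value to hand to cfengine as $target so that "${target}/tmp" never
# starts with "//": "/" -> "", "/target/" -> "/target".
cf_prefix() {
    p=$1
    while [ "${p%/}" != "$p" ]; do   # strip every trailing slash
        p=${p%/}
    done
    printf '%s' "$p"
}

# Expand "${target}<suffix>" the way the directories: entry does.
expand_path() {
    printf '%s%s' "$1" "$2"
}

# Succeeds if $1 is a directory writable by "other", which is the state
# the post shows for / after the run (drwxrwxrwt).
is_world_writable() {
    [ -n "$(find "$1" -prune -type d -perm -0002 2>/dev/null)" ]
}

# Constructed sample targets: softupdate (/), install (/target), and a
# trailing-slash variant.
for t in / /target /target/; do
    printf '%-9s raw=%-13s normalized=%s\n' "$t" \
        "$(expand_path "$t" /tmp)" \
        "$(expand_path "$(cf_prefix "$t")" /tmp)"
done

# Post-run check on the live root directory.
if is_world_writable /; then
    echo "WARNING: / is world-writable; restore with: chmod 755 /" >&2
fi
```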