Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[tcpcrypt-dev] [PATCH] avoid symlink attacks in launch_tcpcryptd.sh

Andrea Bittau bittau at cs.stanford.edu
Wed Jul 23 08:50:48 PDT 2014


yeah it only seems to be used by the test script so it might not be
the end of the world.

i'm concerned with /run/ because i'm not sure how multiplatform it is.
E.g., mac doesn't seem to have it.


On Wed, Jul 23, 2014 at 7:09 AM, Daniel Kahn Gillmor
<dkg at fifthhorseman.net> wrote:
> /tmp is world-writable -- if a non-privileged user creates a symlink
> in /tmp/tcpcrypt.pid pointing to some file, then the superuser
> executing launch_tcpcryptd.sh will truncate that file.
>
> Modern systems will use /run for this sort of thing, rather than /tmp,
> since /run is not world-writable.
>
> However, i don't see $PIDFILE ever being actually used in this script,
> so the simplest fix might be to just drop the use of $PIDFILE
> entirely.
> ---
>  user/launch_tcpcryptd.sh | 2 +-
>  user/test/test_sessid.sh | 4 ++--
>  2 files changed, 3 insertions(+), 3 deletions(-)
>
> diff --git a/user/launch_tcpcryptd.sh b/user/launch_tcpcryptd.sh
> index 9be678c..d2ae8a2 100755
> --- a/user/launch_tcpcryptd.sh
> +++ b/user/launch_tcpcryptd.sh
> @@ -6,7 +6,7 @@ PORT2=${2:-7777}
>
>  TCPCRYPTD=`dirname $0`/src/tcpcryptd
>  DIVERT_PORT=666
> -PIDFILE=/tmp/tcpcrypt.pid
> +PIDFILE=/run/tcpcrypt.pid
>
>  start_tcpcryptd() {
>      LD_LIBRARY_PATH=lib/ $TCPCRYPTD $OPTS -p $DIVERT_PORT &
> diff --git a/user/test/test_sessid.sh b/user/test/test_sessid.sh
> index 4855e95..4ab9ca8 100644
> --- a/user/test/test_sessid.sh
> +++ b/user/test/test_sessid.sh
> @@ -1,5 +1,5 @@
>  #!/bin/sh
> -PIDFILE=/tmp/tcpcrypt.pid
> +PIDFILE=/run/tcpcrypt.pid
>
>  `dirname $0`/../launch_tcpcryptd.sh &
>  sleep 2
> @@ -8,4 +8,4 @@ RET=$?
>  kill `cat $PIDFILE 2>/dev/null` > /dev/null 2>&1
>  rm -f $PIDFILE
>  echo "$RES"
> -exit $RET
> \ No newline at end of file
> +exit $RET
> --
> 2.0.1
>
> _______________________________________________
> tcpcrypt-dev mailing list
> tcpcrypt-dev at lists.stanford.edu
> https://mailman.stanford.edu/mailman/listinfo/tcpcrypt-dev
>


More information about the tcpcrypt-dev mailing list