[Pkg-freeipmi-devel] Bug#690040: freeipmi: Build with PIE, bindnow, openfiles with O_EXCL and check return status

[Yaroslav Halchenko]

On Tue, 09 Oct 2012, Albert Chu wrote:
> > > The default location for this library's debug dumps is /tmp.  I
> > > admittedly chose it somewhat at random, it just felt like a decent
> > > location. 
> > my take on it (Dave might clarify what intention he had) was -- security
> > precaution since wouldn't it allow an attack vector via symlinks to
> > root-owned precious files? (e.g. an evil attacker might ln -s
> > /etc/whateverimportant /tmp/ipmiconsole_debug) so then naive run of the
> > ipmiconsole as root would render that file "broken"
> Makes sense, I could see that.


> > I guess ideally --debug should just take a filename as an argument... ?
> The --debug output in the ipmiconsole tool outputs dumps to stderr.

ah ;)

> Hmmmm. What would be the best thing to do?  I'm actually liking the idea
> of dumping to the current working directory, so that it's the
> responsibility of the developer to know what they are doing with this
> option.

and you are the boss here -- then O_EXCL should still be kinda useful
to preclude those evil acts as far as I see it -- the "developer" might
end up in /tmp after some wonder-abouts ;)

alternatively -- debug output filename could make use of mkstemp to
craft a unique filename

-- 
Yaroslav O. Halchenko
Postdoctoral Fellow,   Department of Psychological and Brain Sciences
Dartmouth College, 419 Moore Hall, Hinman Box 6207, Hanover, NH 03755
Phone: +1 (603) 646-9834                       Fax: +1 (603) 646-1419
WWW:   http://www.linkedin.com/in/yarik