[Pkg-alsa-devel] Bug#294128: [Fwd: Re: Possible alsaconf fix]

Thomas Hood <jdthood@aglu.demon.nl>, 294128@bugs.debian.org
Wed, 09 Feb 2005 22:47:56 +0100


-------- Forwarded Message --------
From: Javier Fernández-Sanguino Peña <jfs@computer.org>
To: Thomas Hood <jdthood@aglu.demon.nl>
Subject: Re: Possible alsaconf fix
Date: Wed, 9 Feb 2005 20:44:25 +0100
On Wed, Feb 09, 2005 at 02:00:46PM +0100, Thomas Hood wrote:
> How about this?
>
> #! /bin/sh /usr/share/dpatch/dpatch-run
> ## 20_write_tmp_file_safely.dpatch by  <jdthood@yahoo.co.uk>
> ##
> ## All lines beginning with `## DP:' are a description of the patch.
> ## DP: Initialize card database file in /var/tmp/ safely
>
> @DPATCH@
> diff -urNad
> alsa-utils-1.0.8/alsaconf/alsaconf.in /tmp/dpep.LM8CdC/alsa-utils-1.0.8=
/alsaconf/alsaconf.in
> --- alsa-utils-1.0.8/alsaconf/alsaconf.in       2005-02-09
> 12:35:32.000000000 +0100
> +++ /tmp/dpep.LM8CdC/alsa-utils-1.0.8/alsaconf/alsaconf.in      2005-02=
-09 13:54:19.000000000 +0100
> @@ -513,8 +513,11 @@
>         fi
>      fi
>      if [ $use_modinfo_db =3D 1 ]; then
> -       xecho "Building card database.."
> -       build_card_db $CARDID_DB
> +       if CARDID_DB_TMP=3D"$(mktemp -q ${CARDID_DB}.XXXXXX)" &&
> [ "$CARDID_DB_TMP" ] ; then
> +               xecho "Building card database.."
> +               mv -f $CARDID_DB_TMP $CARDID_DB
> +               build_card_db $CARDID_DB
> +       fi
>      fi
>      if [ ! -r $CARDID_DB ]; then
>         xecho "No card database is found.."
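
Review bot: In the added block, `mv -f $CARDID_DB_TMP $CARDID_DB` runs before `build_card_db $CARDID_DB`, so the database is still written through the final name and the file that mktemp created never receives the content. Build into "$CARDID_DB_TMP" first and rename it over $CARDID_DB only after the build succeeds. The expansions in the mktemp and mv lines should also be quoted, and when mktemp fails the block is skipped without any message, after which the unchanged `[ ! -r $CARDID_DB ]` test can still pass on whatever already exists at that path.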

A quick look: If a user created a CARDID_DB directory, then you will be
moving the file _into_ the directory and he can, effectively, DoS the
application or have unexpected consequences (notice that [ -r CARDID_DB ]
would be true, even if it's a directory).

How about using a file at /var/cache/alsaconf/ and create that directory in
the package so that only root can access it? Why create the file at
/var/tmp/ at all?

Regards

Javier
-- 
Thomas Hood <jdthood@aglu.demon.nl>
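
The failure mode raised in the reply above and the owner-only cache directory it proposes, as an added shell example that is not part of the original thread or of alsaconf. `build_card_db` here is a stand-in, and the function names, the `cardid.db` file name and the permission check are assumptions.

```shell
#!/bin/sh
# Constructed demonstration. build_card_db is a stand-in for alsaconf's
# function of the same name; it only writes one sample line.
build_card_db() { printf 'constructed card entry\n' > "$1"; }

# Same order of operations as the quoted hunk: mktemp, mv, then build.
publish_as_patched() {
    pp_db=$1
    pp_tmp=$(mktemp -q "${pp_db}.XXXXXX") && [ "$pp_tmp" ] || return 1
    # If $pp_db is a directory, this moves the temp file INTO it.
    mv -f "$pp_tmp" "$pp_db"
    build_card_db "$pp_db" 2>/dev/null   # fails when $pp_db is a directory
    [ -r "$pp_db" ]                      # still true for a readable directory
}

# Variant following the reply: keep the file in a directory that only its
# owner can write (assumption: checked via the mode string from ls -ld).
publish_checked() {
    pc_dir=$1
    pc_db=$pc_dir/cardid.db              # hypothetical file name
    [ -d "$pc_dir" ] && [ ! -L "$pc_dir" ] || return 1
    case $(ls -ld "$pc_dir") in
        d????-??-?*) ;;                  # no group or other write bit
        *) return 1 ;;
    esac
    # Refuse a symlink or anything that is not a regular file at the target.
    if [ -L "$pc_db" ] || { [ -e "$pc_db" ] && [ ! -f "$pc_db" ]; }; then
        return 1
    fi
    pc_tmp=$(mktemp -q "${pc_db}.XXXXXX") || return 1
    # Build into the temp file first, then rename it over the final name.
    if build_card_db "$pc_tmp" && mv -f "$pc_tmp" "$pc_db"; then
        [ -f "$pc_db" ] && [ -r "$pc_db" ]
    else
        rm -f "$pc_tmp"
        return 1
    fi
}
```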