Thread: pgsql/src/bin/initdb initdb.sh

pgsql/src/bin/initdb initdb.sh

From
Peter Eisentraut - PostgreSQL
Date:
CVSROOT:    /home/projects/pgsql/cvsroot
Module name:    pgsql
Changes by:    petere@hub.org    01/06/23 19:29:48

Modified files:
    src/bin/initdb : initdb.sh

Log message:
    Don't use a temp file.  It was created insecurely and was easy to do without.


Re: pgsql/src/bin/initdb initdb.sh

From
Bruce Momjian
Date:
> CVSROOT:    /home/projects/pgsql/cvsroot
> Module name:    pgsql
> Changes by:    petere@hub.org    01/06/23 19:29:48
>
> Modified files:
>     src/bin/initdb : initdb.sh
>
> Log message:
>     Don't use a temp file.  It was created insecurely and was easy to do without.

This brings up a question.  If I have pid 333 and someone creates a file
world-writable called /tmp/333, and I go and do:

    cat file >/tmp/$$

isn't another user now able to modify those temp file contents.  Is that
the insecurity you mentioned Peter, and if so, how do you prevent this?

--
  Bruce Momjian                        |  http://candle.pha.pa.us
  pgman@candle.pha.pa.us               |  (610) 853-3000
  +  If your life is a hard drive,     |  830 Blythe Avenue
  +  Christ can be your backup.        |  Drexel Hill, Pennsylvania 19026

Re: pgsql/src/bin/initdb initdb.sh

From
Peter Eisentraut
Date:
Bruce Momjian writes:

> This brings up a question.  If I have pid 333 and someone creates a file
> world-writable called /tmp/333, and I go and do:
>
>     cat file >/tmp/$$
>
> isn't another user now able to modify those temp file contents.  Is that
> the insecurity you mentioned Peter, and if so, how do you prevent this?

That is one possibility.  Another exploit is with a symlink from /tmp/333
to a file you want to overwrite.  This is more fun with root, but it's
still not a good idea here.

To securely create a temp file in shell you need to use mktemp(1), or do
something like (umask 077 && mkdir $TMPDIR/$$) to create a subdirectory.
Needless to say, it's tricky.

--
Peter Eisentraut   peter_e@gmx.net   http://funkturm.homeip.net/~peter