|
|
Careful with that Axe, Eugene
Just a minor point, the /tmp directory can be written to by anyone. If your machine is a multi user system, this script creates several security problems. If another user manages to create a /tmp/printer.final with 755 permissions, this hint's script will silently fail at removing it and may allow a malicious user to execute commands with _your_ user privileges.
Careful with that Axe, Eugene
The script I use cleans up before and after. So this is not an issue. Running as root, a loginhoook creates a file that cannot be overwritten.
Careful with that Axe, Eugene
Ah, it wasn't clear form context that the script ran as root. I'd say you're still leaving some space for race conditions. If another user runs a script that constantly tries to create a file called /tmp/printer.final with some nefarious code in it, through the magic of multitasking he has a good chance of getting it executed _after_ your login script performs the rm -f on /tmp/print* but _before_ it got a chance to output to /tmp/printer.final (the window is even quite large because you are spending time sedding over the old printcap). Any unwanted commands in this temp-file will be executed as the root user.
Careful with that Axe, Eugene
I see what you are talking about. You mean the Platypus script. Like I said this is just the basis for that script. The Platypus script uses /Users/$USERNAME/Library/tmp to do it's business.
Careful with that Axe, Eugene
Eugene? I told you never to call me that! The name's Plague. Mr. The Plague. |
SearchFrom our Sponsor...Latest Mountain Lion HintsWhat's New:HintsNo new hintsComments last 2 daysNo new commentsLinks last 2 weeksNo recent new linksWhat's New in the Forums?
Hints by TopicNews from Macworld
From Our Sponsors |
|
Copyright © 2014 IDG Consumer & SMB (Privacy Policy) Contact Us All trademarks and copyrights on this page are owned by their respective owners. |
Visit other IDG sites: |
|
|
|
Created this page in 0.06 seconds |
|