Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the 'Careful with that Axe, Eugene' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Careful with that Axe, Eugene
Authored by: AtomicMonkey on Jul 31, '06 08:38:30AM

The script I use cleans up before and after. So this is not an issue. Running as root, a loginhoook creates a file that cannot be overwritten.



[ Reply to This | # ]
Careful with that Axe, Eugene
Authored by: exel on Jul 31, '06 03:08:33PM

Ah, it wasn't clear form context that the script ran as root. I'd say you're still leaving some space for race conditions. If another user runs a script that constantly tries to create a file called /tmp/printer.final with some nefarious code in it, through the magic of multitasking he has a good chance of getting it executed _after_ your login script performs the rm -f on /tmp/print* but _before_ it got a chance to output to /tmp/printer.final (the window is even quite large because you are spending time sedding over the old printcap). Any unwanted commands in this temp-file will be executed as the root user.

Avoid /tmp for this kind of thing, or use mktemp, that's what it's there for.



[ Reply to This | # ]