Subject: misc/3106: /etc/security leaves logfiles in /etc/mtree
To: None <gnats-bugs@gnats.netbsd.org>
From: Andrew Wheadon <andrew@wipux2.wifo.uni-mannheim.de>
List: netbsd-bugs
Date: 01/14/1997 13:27:13
>Number:         3106
>Category:       misc
>Synopsis:       /etc/security leaves logfiles in /etc/mtree
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    misc-bug-people (Misc Bug People)
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Tue Jan 14 04:35:02 1997
>Last-Modified:
>Originator:     Andrew Wheadon
>Organization:
The cost of living hasn't affected its popularity. (Mark Twain)
current	release=doc host=netbsd.wifo.uni-mannheim.de \ "NetBSD-current mirror"
hostbase=/mit/ftp/pub/NetBSD base=/usr prefix=/usr backup delete use-rel-suffix
>Release:        13.01.97
>Environment:
	
System: NetBSD wipux2.wifo.uni-mannheim.de 1.2B NetBSD 1.2B (WIPOOL) #0: Sat Jan 11 03:34:48 MET 1997 toor@wipux2.wifo.uni-mannheim.de:/src/src/sys/arch/i386/compile/WIPOOL i386


>Description:
/etc/security changes directory to /etc/mtree when checking
/etc/mtree/special and /etc/mtree/*.secure. At this point all
output, including OUTPUT=secure6.$$, lands in /etc/mtree, and,
since the only removal of logs is rm $SECUREDIR, these files
don't get removed.
	
>How-To-Repeat:
run /etc/security with check_mtree enabled in /etc/security.conf
and then look at the empty files created in /etc/mtree called
secure6.*
	
>Fix:
I'm not sure whether this fix is correct since I don't know what
this line (*) does, but I presume the complete path-name in $file will
have no effect.
(*)	tree=`sed -n -e '3s/.* //p' -e 3q $file`
The patch just removes the cd /etc/mtree and accesses the files
with the complete path instead, thus leaving all output to go
to $SECUREDIR.
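The defect described above, reproduced as an added stand-alone example (not the PR's script and not /etc/security itself): it runs the check block with a relative OUTPUT after a cd, as the original does, and with an absolute OUTPUT, then counts what is left behind once $SECUREDIR is removed. It also isolates the sed line marked (*) so its behaviour on a spec file with an absolute path can be seen directly. Everything runs under a temporary root; the spec header layout and directory names are constructed for the demo.

```shell
#!/bin/sh
# Added example, not the PR's script. Reproduces the stray-logfile defect
# with plain files instead of mtree runs, under a temporary root, so that
# /etc is never touched. SECUREDIR, OUTPUT and *.secure follow the report;
# the spec header and directory layout are constructed for this demo.

# Print the tree root that the line marked (*) extracts: sed reads the
# spec file's contents, prints what follows the last space on line 3 and
# quits, so an absolute pathname in $1 makes no difference to the result.
spec_tree() {
    sed -n -e '3s/.* //p' -e 3q "$1"
}

# $1 is "buggy" (relative OUTPUT, as in the original script) or "fixed"
# (absolute OUTPUT). Returns 0 when no secure6.* file is left behind.
run_check() (
    root=$(mktemp -d)
    SECUREDIR="$root/secure"; MTREEDIR="$root/mtree"
    mkdir -p "$SECUREDIR" "$MTREEDIR"
    # constructed spec header in the layout the (*) sed line expects
    printf '#\tuser: root\n#\tmachine: example\n#\ttree: /usr\n' \
        > "$MTREEDIR/usr.secure"
    cd "$SECUREDIR"
    if [ "$1" = buggy ]; then
        OUTPUT=secure6.$$                 # relative: resolved after the cd
    else
        OUTPUT="$SECUREDIR/secure6.$$"    # absolute: immune to any later cd
    fi
    # the check block: after cd, a relative $OUTPUT lands in $MTREEDIR
    ( cd "$MTREEDIR" && for f in *.secure; do spec_tree "$f" > "$OUTPUT"; done )
    rm -rf "$SECUREDIR"                   # the only cleanup the script performs
    stray=0
    for f in "$MTREEDIR"/secure6.*; do
        [ -e "$f" ] && stray=$((stray + 1))
    done
    cd / && rm -rf "$root"
    [ "$stray" -eq 0 ]
)

for mode in buggy fixed; do
    if run_check "$mode"; then
        echo "$mode: no stray files"
    else
        echo "$mode: secure6.* left behind in the mtree directory"
    fi
done
```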

--- security.mrg	Tue Jan 14 12:53:13 1997
+++ security	Tue Jan 14 13:03:51 1997
@@ -529,7 +529,7 @@
 # the hacker can modify the tree specification to match the replaced binary.
 # For details on really protecting yourself against modified binaries, see
 # the mtree(8) manual page.
-if [ X"$check_mtree" = XYES ] && cd /etc/mtree; then
+if [ X"$check_mtree" = XYES ]; then
 (
 	mtree -e -p / -f /etc/mtree/special > $OUTPUT
 	if [ -s $OUTPUT ]; then
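Review bot: Dropping `cd /etc/mtree` from the `if` condition also drops the implicit check that /etc/mtree exists (a failed `cd` used to skip the whole block); with the absolute path in `mtree -f /etc/mtree/special`, a missing directory would now produce an mtree error in $OUTPUT and be reported as a finding. Suggest keeping an explicit test, e.g. `if [ X"$check_mtree" = XYES ] && [ -d /etc/mtree ]; then`. The fix also still relies on the relative `$OUTPUT` (secure6.$$) resolving under $SECUREDIR, i.e. on the script's working directory being $SECUREDIR at this point; defining OUTPUT as `$SECUREDIR/secure6.$$` would remove that dependency on any later `cd`.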
@@ -538,8 +538,8 @@
 	fi
 
 	> $OUTPUT
-	for file in *.secure; do
-		[ $file = '*.secure' ] && continue
+	for file in /etc/mtree/*.secure; do
+		[ $file = '/etc/mtree/*.secure' ] && continue
 		tree=`sed -n -e '3s/.* //p' -e 3q $file`
 		mtree -f $file -p $tree > $TMP1
 		if [ -s $TMP1 ]; then
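Review bot: The reporter's open question about `tree=\`sed -n -e '3s/.* //p' -e 3q $file\`` can be closed: sed reads the spec file's contents, prints whatever follows the last space on line 3 and quits, so the absolute pathname now in $file changes nothing and `mtree -f $file -p $tree` receives the same $tree as before. The `[ $file = '/etc/mtree/*.secure' ] && continue` guard correctly mirrors the original no-match case, where the shell leaves the glob literal. One pre-existing nit worth fixing while touching these lines: `$file`, `$tree`, `$OUTPUT` and `$TMP1` are unquoted; harmless for the names under /etc/mtree today, but double-quoting them costs nothing.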
	
>Audit-Trail:
>Unformatted: