Project openSUSE:Evergreen:11.1:Test, package puppet
File 0.25-9792-Predictable-temporary-filename-in-ralsh.patch of Package puppet
From 21b7192320dbb79a8cfe1fd3e06d0d399c964c0f Mon Sep 17 00:00:00 2001
From: Daniel Pittman <daniel@puppetlabs.com>
Date: Wed, 28 Sep 2011 23:23:55 -0700
Subject: [PATCH] (#9792) Predictable temporary filename in ralsh.

When ralsh is used in edit mode the temporary filename is in a shared directory, and is absolutely predictable. Worse, it won't be touched until well after the startup of the command. It can be tricked into writing through a symlink to edit any file on the system, or to create through it, but worse - the file is reopened with the same name later, so it can have the target replaced between edit and operate... The only possible mitigation comes from the system editor and the behaviour it has around editing through symbolic links, which is very weak.

This improves this to prefer the current working directory for the temporary file, and to be somewhat less predictable and more safe in conjuring it into being.

Signed-off-by: Daniel Pittman <daniel@puppetlabs.com>
---
 lib/puppet/application/ralsh.rb | 27 +++++++++++++++++----------
 1 files changed, 17 insertions(+), 10 deletions(-)

diff --git a/lib/puppet/application/ralsh.rb b/lib/puppet/application/ralsh.rb
index b9f7a58..593d3c1 100644
--- a/lib/puppet/application/ralsh.rb
+++ b/lib/puppet/application/ralsh.rb
@@ -119,18 +119,25 @@ Puppet::Application.new(:ralsh) do end.compact.join("\n") if options[:edit] - file = "/tmp/x2puppet-#{Process.pid}.pp" + require 'tempfile' + # Prefer the current directory, which is more likely to be secure + # and, in the case of interactive use, accessible to the user. + tmpfile = Tempfile.new('x2puppet', Dir.pwd) begin - File.open(file, "w") do |f| - f.puts text - end - ENV["EDITOR"] ||= "vi" - system(ENV["EDITOR"], file) - system("puppet -v " + file) + # sync write, so nothing buffers before we invoke the editor. + tmpfile.sync = true + tmpfile.puts text + + # edit the content + system(ENV["EDITOR"] || 'vi', tmpfile.path) + + # ...and, now, pass that file to puppet to apply. Because + # many editors rename or replace the original file we need to + # feed the pathname, not the file content itself, to puppet. + system('puppet -v ' + tmpfile.path) ensure - #if FileTest.exists? file - # File.unlink(file) - #end + # The temporary file will be safely removed. + tmpfile.close(true) end else puts text -- 1.7.6.4
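Review bot: `system('puppet -v ' + tmpfile.path)` still builds a shell command line by string concatenation, and because the file now lives under `Dir.pwd` a working directory containing spaces or shell metacharacters will break the call or have those characters interpreted by the shell; use the argument form the same hunk already uses for the editor, `system('puppet', '-v', tmpfile.path)`. Two smaller points on the same hunk: `Tempfile.new('x2puppet', Dir.pwd)` raises `Errno::EACCES` when the current directory is not writable (ralsh run from `/` or a read-only checkout), so either rescue that and fall back to `Dir.tmpdir` or say so in the error; and since the path is handed to the editor and then re-read by name for `puppet -v`, the window between editor exit and apply is only as safe as the permissions of the chosen directory, which the comment "more likely to be secure" should state explicitly.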
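The pattern the commit describes (create the scratch file atomically with a random name and restrictive mode, hand its path to the editor, re-read it by name, then remove it) is shown below as an added example. It is not code from the patch or from Puppet; the function names `create_scratch`, `editor_argv`, `apply_argv` and `edit_and_collect` are my own, and it adds two things the hunk does not have: an `lstat` check that the path still names a regular file owned by the caller, and argv-style `system` calls so the path never passes through a shell.

```ruby
require 'tempfile'
require 'tmpdir'

# Create the scratch file the way the patched ralsh does: Tempfile opens it
# with O_CREAT|O_EXCL and mode 0600 in the chosen directory, so a symlink
# pre-planted at a guessable path cannot be followed on creation.
# (Hypothetical helper, not part of Puppet.)
def create_scratch(text, dir = Dir.pwd)
  tmp = Tempfile.new('x2puppet', dir)
  tmp.sync = true          # flush before the editor sees the file
  tmp.puts text
  # Defence in depth: refuse to continue if the path we hold is not a
  # regular file owned by us with no group/other permission bits.
  st = File.lstat(tmp.path)
  unless st.file? && st.uid == Process.uid && (st.mode & 0o077).zero?
    tmp.close(true)
    raise "unsafe scratch file #{tmp.path}"
  end
  tmp
end

# Argument vectors for the editor and for puppet. Passing an array to
# system() bypasses the shell, so a directory name with spaces or
# metacharacters is data rather than command text.
def editor_argv(path, editor = ENV['EDITOR'] || 'vi')
  [editor, path]
end

def apply_argv(path)
  ['puppet', '-v', path]
end

# Full round trip: write, hand to the editor, re-check and re-read what the
# editor left behind (many editors rename a new file into place), clean up.
# Returns the edited text; the caller would then run system(*apply_argv(path)).
def edit_and_collect(text, dir: Dir.pwd, editor: ENV['EDITOR'] || 'vi')
  tmp = create_scratch(text, dir)
  begin
    system(*editor_argv(tmp.path, editor)) or raise 'editor failed'
    st = File.lstat(tmp.path)
    raise 'scratch file replaced by a non-regular file' unless st.file?
    File.read(tmp.path)
  ensure
    tmp.close(true)        # close and unlink, even on error
  end
end

if __FILE__ == $0
  # Constructed sample: use /bin/true as a no-op "editor" so this runs offline.
  puts edit_and_collect("notify { 'hello': }\n", editor: 'true')
end
```

Note that the `lstat` re-check after the editor returns only narrows the window the commit message mentions; it does not close it, which is why the directory's own permissions still matter.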