https://bugzilla.novell.com/show_bug.cgi?id=714632 https://bugzilla.novell.com/show_bug.cgi?id=714632#c3 --- Comment #3 from Klaus Kämpf <kkaempf@suse.com> 2011-08-30 11:55:27 UTC --- (In reply to comment #2)
That's not quite as intended. The script must not use /var/lock/subsys at all. The theoretical attack is that an attacker that gains access to the lock group could put arbitrary things in /var/lock, e.g. stale symlinks pointing to somewhere. Your init script would follow such a link and touch a file in an arbitrary place. E.g. ln -s /etc/nologin /var/lock/subsys/hpi
Hmm, how's that different from tampering /var/run or any other dir/file used by the ipmiutil package ? I guess protecting the system from unauthorized access (i.e. to the lock group) is outside of ipmiutil. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.