New book validation procedure?

Dan Nicholson dbn.lists at gmail.com
Sat Jul 7 07:33:30 PDT 2007


On 7/7/07, M.Canales.es <macana at macana-es.com> wrote:
>
> They are placed in the /tmp dir, thus theoreticaly deleted after each reboot.
> And they are overwritten when running againg the target, thus there is no
> need to worry if someone altered they.
>
> That files could be deleted by the Makefile, but I don't see the need to do it
> and could help to track rendering issues.
>
> Actualy I was thinking on make the /tmp directory configurable via a makefile
> envar (like V=1 is for verbose output) to allow the user to select where to
> place that temporaly files.

I think it would be best if they were both cleaned up and made
configurable. First one is just good practice. No one likes when a
process doesn't clean up after itself. Potentially, there could just
be a clean target.

clean:
    rm -f /tmp/{blfs-full.xml,blfs-html.xml,blfs-patches,blfs-patch-list,blfs-pdf.fo,blfs-pdf.xml}

Second, creating files in /tmp can lead to symlink attacks. What if
some malicious person did this ahead of time?

$ ln -s /etc/shadow /tmp/blfs-full.xml

Probably nothing unless I happen to validate as root. Two
alternatives. Just have TMPDIR = /tmp and let people change it if they
want to be safe. Or, have TMPDIR = $(shell mktemp -d).

--
Dan



More information about the blfs-dev mailing list