COMMAND

    dhcp

SYSTEMS AFFECTED

    RedHat 5.0

PROBLEM

    Mark A. Spencer found another another RH5 /tmp problem.  RedHat 5,
    when using dhcp to configure  the interface calls a script  called
    "ifdhcpc-done"  to  be   executed  after  a   dhcp  interface   is
    configured.  At the end of the process it updates resolv.conf:

        if [ -f /etc/dhcpc/resolv.conf ]; then
               echo "setting up resolv.conf" >> /tmp/dhcplog
               cp /etc/dhcpc/resolv.conf /etc
        fi

    There is no protection against  the dhcplog file being a  symbolic
    link,  clobbering,  blah  de  blah  de  blah...   (it seems pretty
    useless to maintain  it too, since  this is the  only message that
    ever seems to appear in the log).

        -rw-rw-rw-   1 root     root          690 Mar  9 17:23 dhcplog

    Oh, and the file also seems to default to being permissions of 666
    which allows for easy avoidance of disk quotas...  The only way to
    exploit this is  if the dhcplog  file doesn't already  exist which
    can occur if  the system has  been up for  10 days or  more and is
    then rebooted.

SOLUTION

    As a workaround, simply touch the file every time system is  going
    up.  This is fixed now however so get update (initscripts-3.32).