This is the mail archive of the
cluster-cvs@sourceware.org
mailing list for the cluster.
STABLE2 - rgmanager: randomize file for automatic data dump
- From: "Fabio M. Di Nitto" <fabbione at fedoraproject dot org>
- To: cluster-cvs-relay at redhat dot com
- Date: Thu, 30 Oct 2008 09:12:30 +0000 (UTC)
- Subject: STABLE2 - rgmanager: randomize file for automatic data dump
Gitweb: http://git.fedorahosted.org/git/cluster.git?p=cluster.git;a=commitdiff;h=8e7eaa9bc66e010e9c8c4938db67ef67573e6783
Commit: 8e7eaa9bc66e010e9c8c4938db67ef67573e6783
Parent: e2eba2cb43acaf17c37d5994154fb7b833de1046
Author: Fabio M. Di Nitto <fdinitto@redhat.com>
AuthorDate: Wed Oct 22 08:56:16 2008 +0200
Committer: Fabio M. Di Nitto <fdinitto@redhat.com>
CommitterDate: Thu Oct 30 10:12:08 2008 +0100
rgmanager: randomize file for automatic data dump
by using a static path to /tmp, the operation can be used to trigger
a local DoS by a normal user.
Mitigate the issue by randomizing the output file with pid.
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
---
rgmanager/src/daemons/main.c | 7 ++++++-
1 files changed, 6 insertions(+), 1 deletions(-)
diff --git a/rgmanager/src/daemons/main.c b/rgmanager/src/daemons/main.c
index bc2375d..9f4a32f 100644
--- a/rgmanager/src/daemons/main.c
+++ b/rgmanager/src/daemons/main.c
@@ -707,9 +707,14 @@ event_loop(msgctx_t *localctx, msgctx_t *clusterctx)
tv.tv_usec = 0;
if (signalled) {
+ char dumpfile[PATH_MAX];
+
signalled = 0;
+
+ memset(dumpfile, 0, PATH_MAX);
+ sprintf(dumpfile, "/tmp/rgmanager-dump.%d", getpid());
- dump_internal_state("/tmp/rgmanager-dump");
+ dump_internal_state(dumpfile);
}
while (running && (tv.tv_sec || tv.tv_usec)) {