On Nov 2, 1:43pm, Robert Watson wrote: > Subject: Re: [Re: Amanda multiple vendor local root compromises] ... > It should also be pointed out that the symlink bug described in the > original post seems to be a bug in Amanda that is not platform-specific -- > I haven't seen any further comment on that, only on the package > installation. Has anyone verified that the amanda.debug file is created > in such a way that a) it has a predictable name, and b) it follows > symlinks? Really, it should probably go in /var/run (or equiv directory > on whatever OS), should be created using O_CREAT and O_EXCL, or should be > created using mktemp. Probably the first option is best. I'll make a comment on that. On our systems all the amanda temp files are now created in a directory /tmp/amanda, which has access only to the amanda user (i.e. 700). This is for amanda ver 2.4.1p1, and was compiled locally (unfortunately, not by me, so I don't know if there were any special options). I know that previous version did create such files in /tmp. Frank -- Frank Crawford Email: frankat_private Postal: PMB 1 Site Systems Manager Phone: +61 2 9717 3015 Menai NSW 2234 ANSTO Fax: +61 2 9717 9273 Australia PGP Fingerprint: (8BB1C821) 06 4F 35 82 1D D6 0E 56 9F AB B8 F7 67 AF 1A 9D
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:09:35 PDT