Avoid local exploitability with compile output file -- Take 3

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3256 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
teastep 2006-01-08 00:10:25 +00:00
parent cc7f84cea9
commit 89b7028f46


@ -8904,6 +8904,11 @@ compile_firewall() # $1 = File Name
# #
# END OVERLOADED FUNCTIONS # END OVERLOADED FUNCTIONS
# #
verify_os_version
verify_ip
[ -d /var/lib/shorewall ] || { mkdir -p /var/lib/shorewall ; chmod 700 /var/lib/shorewall; }
case $outfile in case $outfile in
*/*) */*)
[ -d $dir ] || startup_error "Directory $dir does not exist" [ -d $dir ] || startup_error "Directory $dir does not exist"
@ -8919,11 +8924,6 @@ compile_firewall() # $1 = File Name
[ -f $outfile -a ! -x $outfile ] && startup_error "$outfile exists and is not a restore file" [ -f $outfile -a ! -x $outfile ] && startup_error "$outfile exists and is not a restore file"
verify_os_version
verify_ip
[ -d /var/lib/shorewall ] || { mkdir -p /var/lib/shorewall ; chmod 700 /var/lib/shorewall; }
RESTOREBASE=$(mktempfile /var/lib/shorewall) RESTOREBASE=$(mktempfile /var/lib/shorewall)
STATEDIR=/var/lib/shorewall/.compiler STATEDIR=/var/lib/shorewall/.compiler
@ -9047,9 +9047,9 @@ compile_firewall() # $1 = File Name
mv -f $RESTOREBASE $outfile mv -f $RESTOREBASE $outfile
chmod 700 $file chmod 700 $outfile
echo "Shorewall configuration compiled to $file" echo "Shorewall configuration compiled to $outfile"
rm -rf $TMP_DIR rm -rf $TMP_DIR
} }
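Review bot: In the last hunk `chmod 700 $outfile` still runs after `mv -f $RESTOREBASE $outfile`, so the mode change is applied by name to the final path rather than to the temporary file inside /var/lib/shorewall. The visible checks only confirm that `$dir` exists, not who can write to it, so if that directory is writable by another local user the path could be replaced between the two commands and chmod would then follow a symlink. Setting the mode before the rename closes that window: `chmod 700 "$RESTOREBASE"` followed by `mv -f "$RESTOREBASE" "$outfile"`, where the quoting also keeps a path containing spaces or glob characters from being split. In the first hunk, `mkdir -p` followed by `chmod 700` leaves /var/lib/shorewall at the umask-default mode for a moment and never tightens a directory that already exists; `mkdir -p -m 700 /var/lib/shorewall` plus an unconditional `chmod 700` would cover both cases. compile_firewall begins outside the hunks shown, so how `$dir` and `$outfile` are derived should be confirmed against the full function.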