From nobody@FreeBSD.org  Sun Aug  4 05:12:24 2002
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id ECD4C37B40B
	for <freebsd-gnats-submit@FreeBSD.org>; Sun,  4 Aug 2002 05:12:23 -0700 (PDT)
Received: from www.freebsd.org (www.FreeBSD.org [216.136.204.117])
	by mx1.FreeBSD.org (Postfix) with ESMTP id D42CF43E8A
	for <freebsd-gnats-submit@FreeBSD.org>; Sun,  4 Aug 2002 05:12:16 -0700 (PDT)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (localhost [127.0.0.1])
	by www.freebsd.org (8.12.4/8.12.4) with ESMTP id g74CAtOT073404
	for <freebsd-gnats-submit@FreeBSD.org>; Sun, 4 Aug 2002 05:10:55 -0700 (PDT)
	(envelope-from nobody@www.freebsd.org)
Received: (from nobody@localhost)
	by www.freebsd.org (8.12.4/8.12.4/Submit) id g74CAha1073392;
	Sun, 4 Aug 2002 05:10:43 -0700 (PDT)
Message-Id: <200208041210.g74CAha1073392@www.freebsd.org>
Date: Sun, 4 Aug 2002 05:10:43 -0700 (PDT)
From: Oliver Eikemeier <eikemeier@fillmore-labs.de>
To: freebsd-gnats-submit@FreeBSD.org
Subject: security check scripts do not delete temporary files when disabled
X-Send-Pr-Version: www-1.0

>Number:         41309
>Category:       misc
>Synopsis:       security check scripts do not delete temporary files when disabled
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    brian
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sun Aug 04 05:20:02 PDT 2002
>Closed-Date:    Sat Nov 15 19:08:59 PST 2003
>Last-Modified:  Sat Nov 15 19:08:59 PST 2003
>Originator:     Oliver Eikemeier
>Release:        4.6-STABLE
>Organization:
Fillmore Labs <http://www.fillmore-labs.com>
>Environment:
FreeBSD cvs.fillmore-labs.com 4.6-STABLE FreeBSD 4.6-STABLE #2: Sat Aug  3 13:28:06 CEST 2002     root@lima.fillmore-labs.com:/usr/obj/usr/src/sys/LIMA  i386     
>Description:
The default security check scripts
 100.chksetuid
 200.chkmounts
 500.ipfwdenied
 550.ipfwlimit
 600.ip6fwdenied
 650.ip6fwlimit
 700.kernelmsg
(all in /etc/periodic/security)
create a temporary file with ' /tmp/security.XXXXXXXXXX', but delete them only when they are enabled. This is especially annoying in a jail, where you have to disable some.
>How-To-Repeat:
set
daily_status_security_chksetuid_enable="NO"
daily_status_security_chkmounts_enable="NO"
daily_status_security_noamd="NO"
daily_status_security_nomfs="NO"
daily_status_security_ipfwdenied_enable="NO"
daily_status_security_ipfwlimit_enable="NO"
daily_status_security_ip6fwdenied_enable="NO"
daily_status_security_ip6fwlimit_enable="NO"
daily_status_security_kernelmsg_enable="NO"
in /etc/periodic.conf, wait 24 hours...     
>Fix:
workaround: set daily_clean_tmps_enable="NO" in periodic.conf

fix: change the scripts that the files are only created when needed.
>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-bugs->brian 
Responsible-Changed-By: johan 
Responsible-Changed-When: Fri Aug 23 10:04:45 PDT 2002 
Responsible-Changed-Why:  
Over to periodic guru. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=41309 

From: Oliver Eikemeier <eikemeier@fillmore-labs.com>
To: freebsd-gnats-submit@FreeBSD.org, brian@FreeBSD.org
Cc:  
Subject: Re: misc/41309: security check scripts do not delete temporary files
 when disabled
Date: Tue, 15 Apr 2003 22:04:49 +0200

 This is a cryptographically signed message in MIME format.
 
 --------------ms030400040506030807010902
 Content-Type: text/plain; charset=us-ascii; format=flowed
 Content-Transfer-Encoding: 7bit
 
 Please close this bug. It is an duplicate of pr bin/40960 
 <http://www.freebsd.org/cgi/query-pr.cgi?pr=40960>, and is fixed since 
 Aug 28 2002.
 
 Thanks
      Oliver
 
 --------------ms030400040506030807010902
 Content-Type: application/x-pkcs7-signature; name="smime.p7s"
 Content-Transfer-Encoding: base64
 Content-Disposition: attachment; filename="smime.p7s"
 Content-Description: S/MIME Cryptographic Signature
 
 MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIII2jCC
 ArwwggIloAMCAQICAQIwDQYJKoZIhvcNAQEFBQAwSTELMAkGA1UEBhMCREUxGzAZBgNVBAoT
 EkZpbGxtb3JlIExhYnMgR21iSDEdMBsGA1UEAxMURmlsbG1vcmUgTGFicyBSb290Q0EwHhcN
 MDIwOTAyMDk0MjA0WhcNMTIwODMwMDk0MjA0WjBJMQswCQYDVQQGEwJERTEbMBkGA1UEChMS
 RmlsbG1vcmUgTGFicyBHbWJIMR0wGwYDVQQDExRGaWxsbW9yZSBMYWJzIFVzZXJDQTCBnzAN
 BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAwN3ytau5IDWRUEoH3+fLy5FGkviA+a2yilSESyJj
 oou4s3/JSoSTVajcpAq2Kf8B9/qZv81Ao7he/50bcBMMRcBxqV3qFskfbA58XzTAEBFle3KH
 Hpdlav26GAOsZd5Lo2iUZRFsnjWuFD6PJfMIesDVVpkz26zNZAyq7IydkmMCAwEAAaOBszCB
 sDAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBR/0nJ9xeOLgTP6BgvLpA9eyVvI6DBxBgNV
 HSMEajBogBTDtZ3laNF/kWus+uDmj2FnixJ+BaFNpEswSTELMAkGA1UEBhMCREUxGzAZBgNV
 BAoTEkZpbGxtb3JlIExhYnMgR21iSDEdMBsGA1UEAxMURmlsbG1vcmUgTGFicyBSb290Q0GC
 AQAwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBBQUAA4GBAHsFlqpba9rhWJst760cufl3Tb2S
 siiAg/p6j2slnCfaj94WVjwGxFAl5zJEPnFO6L0In7nHVw/2cDV1o8S9dsTRYa90P8WdRumG
 qZqT+MeK526vso2m2LFplVOw/qWQomOwYUD91aCPfUK0lILHvO4EE8eQFV0g7udCsj6rkbK/
 MIIDCTCCAnKgAwIBAgIBAjANBgkqhkiG9w0BAQUFADBJMQswCQYDVQQGEwJERTEbMBkGA1UE
 ChMSRmlsbG1vcmUgTGFicyBHbWJIMR0wGwYDVQQDExRGaWxsbW9yZSBMYWJzIFVzZXJDQTAe
 Fw0wMjA5MDIxMDIyMzJaFw0wMzA5MDIxMDIyMzJaMHExCzAJBgNVBAYTAkRFMRswGQYDVQQK
 ExJGaWxsbW9yZSBMYWJzIEdtYkgxGTAXBgNVBAMTEE9saXZlciBFaWtlbWVpZXIxKjAoBgkq
 hkiG9w0BCQEWG2Vpa2VtZWllckBmaWxsbW9yZS1sYWJzLmNvbTCBnzANBgkqhkiG9w0BAQEF
 AAOBjQAwgYkCgYEA/+/Dk150ic/dEsLbIlvu5NbqCKI9EV0UNhAWl/G4vGjTVsUD2BYsGx+t
 ijUzmSOnmw483Azb/czXx7GMxIFPKtnWUknTJ9WcmKtktDc/SKNSHJvzZEAKQI6cijSZDfRN
 aJUs0Y5+L22+GPWoZL8G+dITqNyBwhYW04JSkS3tpbECAwEAAaOB2DCB1TAMBgNVHRMBAf8E
 AjAAMB0GA1UdDgQWBBRlCdM8r8nOPfJ7EuqzuCZAoPV0HzBxBgNVHSMEajBogBR/0nJ9xeOL
 gTP6BgvLpA9eyVvI6KFNpEswSTELMAkGA1UEBhMCREUxGzAZBgNVBAoTEkZpbGxtb3JlIExh
 YnMgR21iSDEdMBsGA1UEAxMURmlsbG1vcmUgTGFicyBSb290Q0GCAQIwCwYDVR0PBAQDAgOo
 MCYGA1UdEQQfMB2BG2Vpa2VtZWllckBmaWxsbW9yZS1sYWJzLmNvbTANBgkqhkiG9w0BAQUF
 AAOBgQBzVCwq3/PKtjQNvgI2YJ5A7u7RJ41i8h9MHQfrrbeDMk3yvAxxDtxzc6TCMg7vJIV0
 IUt3IcnJJfht0URSGRoXn3ilfADhxDKLQZPit9mTftS22IIjOVE7eftMes/VNcVBBWGQYfIz
 r/fwSw+g0vReyBPYdFcxwTMP0ekXM02JOTCCAwkwggJyoAMCAQICAQIwDQYJKoZIhvcNAQEF
 BQAwSTELMAkGA1UEBhMCREUxGzAZBgNVBAoTEkZpbGxtb3JlIExhYnMgR21iSDEdMBsGA1UE
 AxMURmlsbG1vcmUgTGFicyBVc2VyQ0EwHhcNMDIwOTAyMTAyMjMyWhcNMDMwOTAyMTAyMjMy
 WjBxMQswCQYDVQQGEwJERTEbMBkGA1UEChMSRmlsbG1vcmUgTGFicyBHbWJIMRkwFwYDVQQD
 ExBPbGl2ZXIgRWlrZW1laWVyMSowKAYJKoZIhvcNAQkBFhtlaWtlbWVpZXJAZmlsbG1vcmUt
 bGFicy5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAP/vw5NedInP3RLC2yJb7uTW
 6giiPRFdFDYQFpfxuLxo01bFA9gWLBsfrYo1M5kjp5sOPNwM2/3M18exjMSBTyrZ1lJJ0yfV
 nJirZLQ3P0ijUhyb82RACkCOnIo0mQ30TWiVLNGOfi9tvhj1qGS/BvnSE6jcgcIWFtOCUpEt
 7aWxAgMBAAGjgdgwgdUwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUZQnTPK/Jzj3yexLqs7gm
 QKD1dB8wcQYDVR0jBGowaIAUf9JyfcXji4Ez+gYLy6QPXslbyOihTaRLMEkxCzAJBgNVBAYT
 AkRFMRswGQYDVQQKExJGaWxsbW9yZSBMYWJzIEdtYkgxHTAbBgNVBAMTFEZpbGxtb3JlIExh
 YnMgUm9vdENBggECMAsGA1UdDwQEAwIDqDAmBgNVHREEHzAdgRtlaWtlbWVpZXJAZmlsbG1v
 cmUtbGFicy5jb20wDQYJKoZIhvcNAQEFBQADgYEAc1QsKt/zyrY0Db4CNmCeQO7u0SeNYvIf
 TB0H6623gzJN8rwMcQ7cc3OkwjIO7ySFdCFLdyHJySX4bdFEUhkaF594pXwA4cQyi0GT4rfZ
 k37UttiCIzlRO3n7THrP1TXFQQVhkGHyM6/38EsPoNL0XsgT2HRXMcEzD9HpFzNNiTkxggJp
 MIICZQIBATBOMEkxCzAJBgNVBAYTAkRFMRswGQYDVQQKExJGaWxsbW9yZSBMYWJzIEdtYkgx
 HTAbBgNVBAMTFEZpbGxtb3JlIExhYnMgVXNlckNBAgECMAkGBSsOAwIaBQCgggFxMBgGCSqG
 SIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJKoZIhvcNAQkFMQ8XDTAzMDQxNTIwMDQ0OVowIwYJ
 KoZIhvcNAQkEMRYEFEFruKk/oFa5IFoa9ozNEL9jjsxjMFIGCSqGSIb3DQEJDzFFMEMwCgYI
 KoZIhvcNAwcwDgYIKoZIhvcNAwICAgCAMA0GCCqGSIb3DQMCAgFAMAcGBSsOAwIHMA0GCCqG
 SIb3DQMCAgEoMF0GCSsGAQQBgjcQBDFQME4wSTELMAkGA1UEBhMCREUxGzAZBgNVBAoTEkZp
 bGxtb3JlIExhYnMgR21iSDEdMBsGA1UEAxMURmlsbG1vcmUgTGFicyBVc2VyQ0ECAQIwXwYL
 KoZIhvcNAQkQAgsxUKBOMEkxCzAJBgNVBAYTAkRFMRswGQYDVQQKExJGaWxsbW9yZSBMYWJz
 IEdtYkgxHTAbBgNVBAMTFEZpbGxtb3JlIExhYnMgVXNlckNBAgECMA0GCSqGSIb3DQEBAQUA
 BIGAGWgDIXfk3bSkxy5oYUs9r0H0wJVZe6xYsfkdC8vZwOcXJp0kga91WKqcbmw4M9kGPTV8
 L8axJWCiDrZug5dWTkwxQV8Z9QS90vqS98xAsCzfLWD97uVkiS8v+lHppW+HKQK4DTk/eOKK
 OH7Skwib+0D1Ww6pc36cXeQZxf2DtDEAAAAAAAA=
 --------------ms030400040506030807010902--
 
State-Changed-From-To: open->closed 
State-Changed-By: eik 
State-Changed-When: Sun Nov 16 04:08:23 CET 2003 
State-Changed-Why:  
closed at submitters request 

http://www.freebsd.org/cgi/query-pr.cgi?pr=41309 
>Unformatted:
