|
From: | fesoj000 |
Subject: | [bug#54309] [PATCH] services: auditd: use exclusive log directory for auditd |
Date: | Sun, 20 Mar 2022 21:22:11 +0100 |
User-agent: | Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.7.0 |
On 3/20/22 12:13 AM, Maxime Devos wrote:
fesoj000 schreef op za 19-03-2022 om 12:34 [+0100]:+ (let* ((previous-umask (umask #o077))) + (mkdir-p "/var/log/audit") + (umask previous-umask)))))I cannot recommend this, what if 'mkdir-p' throws an exception? That might cause problems. Or maybe not, but it would require some analysis that can be avoided with 'mkdir-p/perms'.
Hm, but i still have to set umask to prevent TOCTOU, the implementation of 'mkdir-p/perms' does not take care of that. BR
[Prev in Thread] | Current Thread | [Next in Thread] |