Use an unique directory name instead of hardcoded /tmp/.diskless.

A malicious user could create a file named /tmp/.diskless and cause the script to misbehave. PR: conf/141258 Reported by: Jon Passki MFC after: 1 week
2010-03-13 12:02:44 +00:00 · 2010-03-13 12:02:44 +00:00 · 7d4bbea850
commit 7d4bbea850
parent b8da61ada5
1 changed files with 2 additions and 2 deletions
--- a/etc/rc.d/tmp
+++ b/etc/rc.d/tmp
@ -51,8 +51,8 @@ case "${tmpmfs}" in
 [Nn][Oo])
 	;;
 *)
-	if /bin/mkdir -p /tmp/.diskless 2> /dev/null; then
-		rmdir /tmp/.diskless
+	if _tmpdir=$(mktemp -d -q /tmp/.diskless.XXXXXX); then
+		rmdir ${_tmpdir}
 	else
 		if [ -h /tmp ]; then
 			echo "*** /tmp is a symlink to a non-writable area!"