Bug 1043849

Summary: yum-rhn-plugin: slightly insecure use of /var/tmp
Product: Red Hat Enterprise Linux 6 Reporter: Florian Weimer <fweimer>
Component: yum-rhn-pluginAssignee: Michael Mráka <mmraka>
Status: CLOSED WONTFIX QA Contact: Red Hat Satellite QA List <satqe-list>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 6.5CC: cperry, msuchy, mzazrivec
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: 1043847 Environment:
Last Closed: 2014-11-10 14:25:45 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Bug Depends On: 1043847    
Bug Blocks:    

Description Florian Weimer 2013-12-17 10:50:48 UTC 
+++ This bug was initially created as a clone of Bug #1043847 +++

touch follows symlinks, so this %pre script allows creation of zero-length files (as seen in yum-rhn-plugin-2.0.1-2):

%pre
# 682820 - re-enable yum-rhn-plugin after package upgrade if the system is already registered
export pluginconf='/etc/yum/pluginconf.d/rhnplugin.conf'
if [ $1 -gt 1 ] && [ -f /etc/sysconfig/rhn/systemid ] && [ -f "$pluginconf" ]; then
    if grep -q '^[[:space:]]*enabled[[:space:]]*=[[:space:]]*1[[:space:]]*$' \
       "$pluginconf"; then
        touch /var/tmp/enable-yum-rhn-plugin
    fi
fi

The flag should be stored somewhere else, perhaps in /etc.
Comment 2 RHEL Program Management 2014-11-10 14:25:45 UTC 
Development Management has reviewed and declined this request.
You may appeal this decision by reopening this request.