Bug 58571 - File system space checks too aggressive.
Status: CLOSED RAWHIDE
Product: Red Hat Linux
Classification: Retired
Component: diskcheck
Version: 7.3
Hardware: alpha Linux
Priority: medium Severity: medium
Assigned To: Harald Hoyer
Reported: 2002-01-19 23:52 EST by Michal Jaegermann
Modified: 2008-05-01 11:38 EDT
Doc Type: Bug Fix
Last Closed: 2002-01-22 05:59:50 EST


Description Michal Jaegermann 2002-01-19 23:52:14 EST
Description of Problem:

The following great stuff shows in root mail:

To: root@localhost.localdomain
From: Disk Usage Monitor <root@localhost.localdomain>
Subject: Low disk space warning
Status: RO
Content-Length: 107
Lines: 3

Disk usage for localhost.localdomain:

/dev/fd0 (/mnt/floppy) is 98% full -- 1.4M of 1.4M used, 29k remain


One can only say to that "Duh!  No shit!".  Similar reaction would be if
any other removable media triggered something of that sort.

Actually I am only assuming that this mysterious "Disk Usage Monitor"
has something to do with fam.  The fact that a responsible program is not
clearly identified, thus making it hard to shut up this bogosity, is
another bug; maybe even more serious.
Comment 1 Michal Jaegermann 2002-01-21 01:29:17 EST
Apologies.  I found that this bogosity really comes from 'diskcheck' and
not from 'fam'.

But when I found that this program reads its config file with 'exec(line)'
then my lower jaw truly fell to the floor.  So every sudo'er with a write
access to this config file may execute absolutely anything on a system?
Great stuff!!!  How many other surprises of that kind?
Comment 2 Harald Hoyer 2002-01-21 10:30:01 EST
hmm, one can execute many programs, if /etc is belonging to him... will 
include floppies to omit as well :)
Comment 3 Michal Jaegermann 2002-01-21 12:45:07 EST
I do not think that you understand security implications.  Some "junior
administrator" may have a write access to a configuration file (ownership
and permits do not have to be like in times of an installation) without owning
/etc.  That kind of "pseudo-parsing" with 'exec' is a VERY BAD IDEA in any
language.  A program is running from cron and you are finding yourself
executing with root privileges a code you never intended to.  Oops!

Murphy's Law also assures that somebody will make a stupid typo in a config
file and will execute an unintended code which will affect the rest of a program.
I do not have harmful examples right now but life will provide something
like that one day. :-)

Also puzzles like "Disk Usage Monitor" should not pretend to be program
identifiers in mail. At minimum this should be "Disk Usage Monitor (diskcheck)".
I realize now that it is possible to fix that in a config file but I should
not have a head scratcher about what was sending that in the first place.


Comment 4 Harald Hoyer 2002-01-22 05:59:45 EST
> I do not think that you understand security implications.

Try me ...

> Some "junior administrator" may have a write access to a configuration file
> (ownership and permits do not have to be like in times of an installation)
> without owning /etc.
> That kind of "pseudo-parsing" with 'exec' is a VERY BAD IDEA in any
> language.  A program is running from cron and you are finding yourself
> executing with root privileges a code you never intended to.  Oops!

Agreed ... (note: I would never do that :)

> Murphy's Law also assures that somebody will make a stupid typo in a config
> file and will execute an unintended code which will affect the rest of a
> program. I do not have harmful examples right now but life will provide
> something like that one day. :-)

I hate that "Murphy"!

> Also puzzles like "Disk Usage Monitor" should not pretend to be program
> identifiers in mail. At minimum this should be "Disk Usage Monitor 
> (diskcheck)".
> I realize now that it is possible to fix that in a config file but I should
> not have a head scratcher about what was sending that in the first place.

Agreed.
Comment 5 Harald Hoyer 2002-04-02 09:42:51 EST
fixed in diskcheck-1.2-1
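
Added example, not part of the bug thread and not diskcheck's own code: the concern from Comment 3 about reading a config file with exec(line), handled by a parser that treats every line as data and by an ownership/mode check before the file is loaded. The option names and the sample file are hypothetical, since the page does not show diskcheck's real options or how the fix was made.

```python
import ast
import os
import stat

# Hypothetical option names and types; diskcheck's real option set is not on the page.
ALLOWED = {"default_cutoff": int, "exclude": list, "mail_to": str, "mail_from": str}


class ConfigError(ValueError):
    pass


def check_owner_and_mode(path, owner_uid=0):
    """Refuse a config file that anyone other than owner_uid could have modified."""
    st = os.stat(path)
    if st.st_uid != owner_uid:
        raise ConfigError(f"{path}: owned by uid {st.st_uid}, expected {owner_uid}")
    if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
        raise ConfigError(f"{path}: group- or world-writable")


def parse_config(text):
    """Parse 'name = literal' lines as data; nothing in the file is ever executed."""
    settings = {}
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        name, sep, value = line.partition("=")
        name = name.strip()
        if not sep or name not in ALLOWED:
            raise ConfigError(f"line {lineno}: unknown or malformed option {name!r}")
        try:
            parsed = ast.literal_eval(value.strip())  # literals only: no calls, no names
        except (ValueError, SyntaxError) as err:
            raise ConfigError(f"line {lineno}: {name} is not a plain literal") from err
        if not isinstance(parsed, ALLOWED[name]):
            raise ConfigError(f"line {lineno}: {name} must be {ALLOWED[name].__name__}")
        settings[name] = parsed
    return settings


# Constructed sample input, not a real diskcheck.conf.
SAMPLE = '''
# thresholds
default_cutoff = 90
exclude = ["/dev/fd0", "/mnt/cdrom"]
mail_from = "Disk Usage Monitor (diskcheck)"
'''

if __name__ == "__main__":
    print(parse_config(SAMPLE))
```

A typo such as `default_cutoff = 9O` or a stray statement in the file now stops the run with a line number instead of being executed as root from cron.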
