Menu
▾
▴
[Fail2ban-commit] SF.net SVN: fail2ban:[767] branches/FAIL2BAN-0_8/config/action.d
|
From: <yar...@us...> - 2011-03-23 20:36:03
|
Revision: 767
http://fail2ban.svn.sourceforge.net/fail2ban/?rev=767&view=rev
Author: yarikoptic
Date: 2011-03-23 20:35:56 +0000 (Wed, 23 Mar 2011)
Log Message:
-----------
BF: Use /var/run/fail2ban instead of /tmp for temp files in actions: see http://bugs.debian.org/544232
It should be robust since /var/run/fail2ban is guaranteed to exist to carry the
socket file, and it will be owned by root (or some other dedicated fail2ban
user) thus avoiding possibility for the exploit
Modified Paths:
--------------
branches/FAIL2BAN-0_8/config/action.d/dshield.conf
branches/FAIL2BAN-0_8/config/action.d/mail-buffered.conf
branches/FAIL2BAN-0_8/config/action.d/mynetwatchman.conf
branches/FAIL2BAN-0_8/config/action.d/sendmail-buffered.conf
Modified: branches/FAIL2BAN-0_8/config/action.d/dshield.conf
===================================================================
--- branches/FAIL2BAN-0_8/config/action.d/dshield.conf 2010-09-27 13:18:32 UTC (rev 766)
+++ branches/FAIL2BAN-0_8/config/action.d/dshield.conf 2011-03-23 20:35:56 UTC (rev 767)
@@ -206,5 +206,5 @@
# Notes.: Base name of temporary files used for buffering
# Values: [ STRING ] Default: /tmp/fail2ban-dshield
#
-tmpfile = /tmp/fail2ban-dshield
+tmpfile = /var/run/fail2ban/tmp-dshield
Modified: branches/FAIL2BAN-0_8/config/action.d/mail-buffered.conf
===================================================================
--- branches/FAIL2BAN-0_8/config/action.d/mail-buffered.conf 2010-09-27 13:18:32 UTC (rev 766)
+++ branches/FAIL2BAN-0_8/config/action.d/mail-buffered.conf 2011-03-23 20:35:56 UTC (rev 767)
@@ -81,7 +81,7 @@
# Default temporary file
#
-tmpfile = /tmp/fail2ban-mail.txt
+tmpfile = /var/run/fail2ban/tmp-mail.txt
# Destination/Addressee of the mail
#
Modified: branches/FAIL2BAN-0_8/config/action.d/mynetwatchman.conf
===================================================================
--- branches/FAIL2BAN-0_8/config/action.d/mynetwatchman.conf 2010-09-27 13:18:32 UTC (rev 766)
+++ branches/FAIL2BAN-0_8/config/action.d/mynetwatchman.conf 2011-03-23 20:35:56 UTC (rev 767)
@@ -141,4 +141,4 @@
# Notes.: Base name of temporary files
# Values: [ STRING ] Default: /tmp/fail2ban-mynetwatchman
#
-tmpfile = /tmp/fail2ban-mynetwatchman
+tmpfile = /var/run/fail2ban/tmp-mynetwatchman
Modified: branches/FAIL2BAN-0_8/config/action.d/sendmail-buffered.conf
===================================================================
--- branches/FAIL2BAN-0_8/config/action.d/sendmail-buffered.conf 2010-09-27 13:18:32 UTC (rev 766)
+++ branches/FAIL2BAN-0_8/config/action.d/sendmail-buffered.conf 2011-03-23 20:35:56 UTC (rev 767)
@@ -101,5 +101,5 @@
# Default temporary file
#
-tmpfile = /tmp/fail2ban-mail.txt
+tmpfile = /var/run/fail2ban/tmp-mail.txt
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|