When the boot parameter "gentoo=nox" is specified, /etc/init.d/xdm-setup executes the command "touch /tmp/.noxdm" (see bug 285929). This is insecure, as /tmp is world-writable. It allows someone to "touch" any file on the system if he manages to create the /tmp/.noxdm symlink before xdm-setup is called. Also, anybody can force xdm startup to fail. This can be solved by creating the file in a directory that is not world-writable.
All, suggestions for where to put this would be appreciated. I put it in /tmp to get it out of /etc/init.d, which is where livecd-tools was originally putting it. A change here will mean a change to livecd-tools as well to keep them consistent.
All, I have moved the .noxdm file to /etc. That is the only difference between -r8 and -r9, so you might want to fast track -r9 to stable.
I have also updated bug #286308 for livecd-tools.
(In reply to comment #1)
> suggestions for where to put this would be appreciated.

I would suggest "/var/cache/xinit/.noxdm" or "/var/lib/xinit/.noxdm".
I went ahead and put this in /etc since other files like it (such as /etc/nologin) are also there.
The following code in x11-apps/xinit/files/xdm.initd-3 still allows anybody to force xdm startup to fail:

    if [ -f /etc/init.d/.noxdm -o -f /tmp/.noxdm -o -f /etc/.noxdm ]; then
        einfo "Skipping ${EXE}, .noxdm found in /tmp, /etc/init.d or /etc"
        rm /etc/.noxdm /etc/init.d/.noxdm /tmp/.noxdm
        return 0
    fi
This is fixed in -r10, you should be good to go to stable now.

William
(In reply to comment #5)
> I went ahead and put this in /etc since other files like it (such as
> /etc/nologin) are also there.

That doesn't sound like a good idea to me. Files in /etc should be maintained by the system administrator; files that change automatically during system boot or normal operation should go to /var, as arfrever suggested in comment #4. Well, there are some files in /etc violating this rule, but that isn't a good reason to repeat this mistake over and over. (And "/etc/nologin"¹ isn't even one of them, btw.) I'm not sure what's the best place in /var, but I'd suggest something like "/var/run/noxdm" (no dot, I see no need to hide it).

¹) Well, when you mentioned "/etc/nologin" I had another idea. Why not check for both "/var/run/noxdm" (or whatever we'll call it) and "/etc/noxdm" in "/etc/init.d/xdm", where the latter will never be created or removed by the system. This way admins may temporarily disable xdm without editing runlevels or bothering with boot options by creating "/etc/noxdm", much like "/etc/nologin" temporarily disables logins.
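The following script is an added example and is not code from the xinit ebuild, livecd-tools or this bug; it reproduces, inside a throwaway sandbox so it runs unprivileged, the two problems raised in comments #0 and #6 (a symlink planted at the fixed /tmp path is followed by touch, and any user can pre-create the flag file to skip xdm) and contrasts them with the layout proposed in comment #8 (a one-shot flag in a root-only directory plus an administrator-owned /etc/noxdm). The directory names WORLD_TMP, RUN_DIR and ETC_DIR stand in for /tmp, /var/run and /etc, and the flag names and function names are assumptions.

```shell
#!/bin/sh
# Added example, not code from the xinit ebuild or the Gentoo bug: reproduces
# the problems discussed in comments #0 and #6 inside a throwaway sandbox (so
# it runs unprivileged) and contrasts them with the layout from comment #8.
# $WORLD_TMP stands in for /tmp, $RUN_DIR for /var/run and $ETC_DIR for /etc;
# the flag file names are assumptions.

SANDBOX=$(mktemp -d)
WORLD_TMP="$SANDBOX/tmp"       # world-writable, like /tmp
RUN_DIR="$SANDBOX/var/run"     # writable by root only, like /var/run
ETC_DIR="$SANDBOX/etc"         # maintained by the administrator, like /etc
mkdir -p "$WORLD_TMP" "$RUN_DIR" "$ETC_DIR"
chmod 1777 "$WORLD_TMP"
chmod 755 "$RUN_DIR" "$ETC_DIR"

# --- the pattern from xdm-setup / xdm.initd-3 (comments #0 and #6) ----------

vulnerable_set_flag() {
    # touch(1) follows whatever symlink sits at this fixed, predictable path
    touch "$WORLD_TMP/.noxdm"
}

vulnerable_should_skip_xdm() {
    # anybody who can create a file in $WORLD_TMP decides whether xdm starts
    [ -f "$WORLD_TMP/.noxdm" ]
}

# Attacker pre-creates the flag path as a symlink; the later touch lands on
# the link target. Returns 0 if the victim path came into existence.
attack_symlink_demo() {
    victim="$SANDBOX/victim_file"
    rm -f "$WORLD_TMP/.noxdm" "$victim"
    ln -s "$victim" "$WORLD_TMP/.noxdm"
    vulnerable_set_flag
    [ -e "$victim" ]
}

# Attacker plants an ordinary file under the flag name, so xdm is skipped
# without any boot parameter. Returns 0 if the startup check would bail out.
attack_dos_demo() {
    rm -f "$WORLD_TMP/.noxdm"
    : > "$WORLD_TMP/.noxdm"
    vulnerable_should_skip_xdm
}

# --- hardened layout (comment #8) -------------------------------------------

# Refuse a flag directory that is a symlink or carries the "other" write bit.
# POSIX find prints the directory itself when -perm -002 matches it.
flag_dir_is_safe() {
    dir=$1
    [ -d "$dir" ] && [ ! -L "$dir" ] || return 1
    [ -z "$(find "$dir" -prune -perm -002)" ]
}

hardened_set_flag() {
    # only root can create or replace entries here, so nobody else can plant
    # a symlink or a decoy flag ahead of us
    flag_dir_is_safe "$RUN_DIR" || return 1
    touch "$RUN_DIR/noxdm"
}

# One-shot boot flag in $RUN_DIR (consumed on use) plus an administrator's
# $ETC_DIR/noxdm that the system never creates or removes.
hardened_should_skip_xdm() {
    if [ -f "$RUN_DIR/noxdm" ]; then
        rm -f "$RUN_DIR/noxdm"
        return 0
    fi
    [ -f "$ETC_DIR/noxdm" ]
}

cleanup_sandbox() {
    rm -rf "$SANDBOX"
}
```

Source the script and call the functions in order: attack_symlink_demo and attack_dos_demo both return 0 against the vulnerable pattern, flag_dir_is_safe rejects the 1777 directory and accepts the 755 one, hardened_should_skip_xdm returns 1 until hardened_set_flag has run, then 0 exactly once, and returns 0 on every call once the administrator's $ETC_DIR/noxdm exists. Call cleanup_sandbox when done.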
Arches, please test and mark stable: =x11-apps/xinit-1.0.8-r10
Target keywords: "alpha amd64 arm hppa ia64 ppc ppc64 s390 sh sparc x86"
amd64/arm/x86 stable
Stable on alpha.
Stable for HPPA.
ia64/s390/sh/sparc stable
ppc stable
ppc64 done
I have a slight question: what's left to do on this bug?
We close it.
I'm not in security, but nothing that I see. We can look into moving the file to /var in another bug since that will also require modifying livecd-tools again.

William