init-ceph: push temp conf file to a unique location on remote host
authorSage Weil <sage@inktank.com>
Fri, 22 Mar 2013 20:25:33 +0000 (13:25 -0700)
committerSage Weil <sage@inktank.com>
Fri, 22 Mar 2013 20:25:33 +0000 (13:25 -0700)
The predictable file name is a security problem.

CVE-2013-1882

Reported-by: Michael Scherer <misc@zarb.org>
Signed-off-by: Sage Weil <sage@inktank.com>
Reviewed-by: Dan Mick <dan.mick@inktank.com>
src/init-ceph.in

index 5c04dd036f5e5429db0533a65cdd361ab5fbe3be..029aa78840b7fa5321cb12a872731637b0ab226d 100644 (file)
@@ -216,11 +216,12 @@ for name in $what; do
     if [ "$host" = "$hostname" ]; then
        cur_conf=$conf
     else
+       unique=`dd if=/dev/urandom bs=16 count=1 2>/dev/null | md5sum | awk '{print $1}'`
        if echo $pushed_to | grep -v -q " $host "; then
-           scp -q $conf $host:/tmp/ceph.conf.$$
+           scp -q $conf $host:/tmp/ceph.conf.$unique
            pushed_to="$pushed_to $host "
        fi
-       cur_conf="/tmp/ceph.conf.$$"
+       cur_conf="/tmp/ceph.conf.$unique"
     fi
     cmd="$cmd -c $cur_conf"
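Review bot: `unique` is regenerated on every pass through the `else` branch, but the `scp` runs only the first time a host is seen (the `pushed_to` check), so a second daemon on the same remote host gets a `cur_conf` path that was never copied there. Generate the value once, before the `for name in $what` loop (which starts outside this hunk), so the pushed path and the path passed with `-c` always agree. Separately, the random suffix removes the predictability, but `scp` still writes to whatever already exists at that path in `/tmp`; creating the target on the remote side with `mktemp` and copying to the path it returns would make creation exclusive as well. Nothing visible in this hunk removes the remote copy afterwards, so cleanup is worth confirming.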