mkcephfs: make remote temp directory name unique

The predictable file name is a security problem.

CVE-2013-1882

Reported-by: Michael Scherer <misc@zarb.org>
Signed-off-by: Sage Weil <sage@inktank.com>
Reviewed-by: Dan Mick <dan.mick@inktank.com>
(cherry picked from commit f463ef78d77b11b5ad78b31e9a3a88d0a6e62bca)

diff --git a/src/mkcephfs.in b/src/mkcephfs.in
index 446d56872e85f7c5a62c5cc1f7a8c7e1ed93f9ef..93a5fa6c1c117b5d48db0d16ea31b96a12706eee 100644 (file)
--- a/src/mkcephfs.in
+++ b/src/mkcephfs.in
@@ -475,7 +475,8 @@ if [ $allhosts -eq 1 ]; then
        check_host || continue
 
        if [ -n "$ssh" ]; then
-           rdir="/tmp/mkfs.ceph.$$"
+           unique=`dd if=/dev/urandom bs=16 count=1 2>/dev/null | md5sum | awk '{print $1}'`
+           rdir="/tmp/mkfs.ceph.$unique"
            echo pushing conf and monmap to $host:$rdir
            do_cmd "mkdir -p $rdir"
            scp -q $dir/conf $host:$rdir