diff options
| author | Timothy Bauscher <timothy@linuxfromscratch.org> | 2003-01-19 15:36:47 +0000 |
|---|---|---|
| committer | Timothy Bauscher <timothy@linuxfromscratch.org> | 2003-01-19 15:36:47 +0000 |
| commit | 99302877e2420aec4721c0be2416c2749361896f (patch) | |
| tree | 539fbe19c4c1ece43d94bccda5411d229f764677 /chapter06/ed-inst.xml | |
| parent | 25ef3c3d776fa5f899311075c462d4333cc7f179 (diff) | |
Chapter 6 cleanup after conversions.
git-svn-id: http://svn.linuxfromscratch.org/LFS/trunk/BOOK@2392 4aa44e1e-78dd-0310-a6d2-fbcd4c07a689
Diffstat (limited to 'chapter06/ed-inst.xml')
| -rw-r--r-- | chapter06/ed-inst.xml | 39 |
1 files changed, 15 insertions, 24 deletions
diff --git a/chapter06/ed-inst.xml b/chapter06/ed-inst.xml index ad41da7d7..093273360 100644 --- a/chapter06/ed-inst.xml +++ b/chapter06/ed-inst.xml @@ -9,16 +9,20 @@ file. This happens rarely because diff-based patches are preferred these days.</para></note> <para>This package requires its patch to be applied before you can -install it.</para> +install it. This patch fixes a symlink vulnerability in +<userinput>ed</userinput>. The <userinput>ed</userinput> executable +creates files in <filename class="directory">/tmp</filename> with +predictable names. By using various symlink attacks, it is possible +to have ed write to files it should not, change the permissions of +files, etc.</para> -<para><screen><userinput> -patch -Np1 -i ../ed-&ed-patch-version;.patch -</userinput></screen></para> +<para>Apply the patch:</para> + +<para><screen><userinput>patch -Np1 -i ../ed-&ed-patch-version;.patch</userinput></screen></para> <para>Prepare Ed to be compiled:</para> -<para><screen><userinput> -./configure --prefix=/usr</userinput></screen></para> +<para><screen><userinput>./configure --prefix=/usr</userinput></screen></para> <para>Continue with compiling the package:</para> @@ -28,25 +32,12 @@ patch -Np1 -i ../ed-&ed-patch-version;.patch <para><screen><userinput>make install</userinput></screen></para> -<para>Move the Ed binaries to the root partition.</para> - -<para><screen><userinput>mv /usr/bin/{ed,red} /bin -</userinput></screen></para> - -</sect2> - -<sect2> -<title>Command explanations</title> - -<para><userinput>patch -Np1 -i ../ed-&ed-version;.patch:</userinput> This -patch fixes a symlink vulnerability in ed. The ed executable creates files -in /tmp with predictable names. By using various symlink attacks, it is -possible to have ed write to files it should not, change the permissions -of files, etc.</para> +<para>We need to move the Ed binaries to the <filename +class="directory">/bin</filename> directory so they may be used in +the event that the <filename class="directory">/usr</filename> +partition is unavailable.</para> -<para><userinput>mv /usr/bin/{ed,red} /bin:</userinput> -The Ed binaries are moved to the /bin directory so they may be used in -the event that the /usr partition is unavailable.</para> +<para><screen><userinput>mv /usr/bin/{ed,red} /bin</userinput></screen></para> </sect2> |