X-Git-Url: http://ftp.carnet.hr/carnet-debian/scm?a=blobdiff_plain;f=active-response%2Fhost-deny.sh;h=d29aa69fecb3cbf20b36e7987081097b8c60236d;hb=927951d1c1ad45ba9e7325f07d996154a91c911b;hp=9a68700abcd46683114ea1bac8c904eac30af27b;hpb=914feba5d54f979cd5d7e69c349c3d01f630042a;p=ossec-hids.git
diff --git a/active-response/host-deny.sh b/active-response/host-deny.sh
index 9a68700..d29aa69 100755
--- a/active-response/host-deny.sh
+++ b/active-response/host-deny.sh
@@ -111,13 +111,18 @@ if [ "x${ACTION}" = "xadd" ]; then
 # Deleting from hosts.deny
 elif [ "x${ACTION}" = "xdelete" ]; then
 lock;
+ TMP_FILE = `mktemp /var/ossec/ossec-hosts.XXXXXXXXXX`
+ if [ "X${TMP_FILE}" = "X" ]; then
+ # Cheap fake tmpfile, but should be harder then no random data
+ TMP_FILE = "/var/ossec/ossec-hosts.`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -1 `"
+ fi
 if [ "X$UNAME" = "XFreeBSD" ]; then
- cat /etc/hosts.allow | grep -v "ALL : ${IP} : deny$"> /tmp/hosts.deny.$$
- mv /tmp/hosts.deny.$$ /etc/hosts.allow
+ cat /etc/hosts.allow | grep -v "ALL : ${IP} : deny$"> ${TMP_FILE}
+ mv ${TMP_FILE} /etc/hosts.allow
 else
- cat /etc/hosts.deny | grep -v "ALL:${IP}$"> /tmp/hosts.deny.$$
- cat /tmp/hosts.deny.$$ > /etc/hosts.deny
- rm /tmp/hosts.deny.$$
+ cat /etc/hosts.deny | grep -v "ALL:${IP}$"> ${TMP_FILE}
+ cat ${TMP_FILE} > /etc/hosts.deny
+ rm ${TMP_FILE}
 fi
 unlock;
 exit 0;
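Review bot: Both added `TMP_FILE = ...` lines have spaces around `=`, so the shell tries to run a command named `TMP_FILE` instead of assigning, and the variable stays empty for the rest of the delete branch (the file mktemp created is also left behind). With an empty, unquoted `${TMP_FILE}`, the non-FreeBSD path's `cat ${TMP_FILE} > /etc/hosts.deny` collapses to `cat > /etc/hosts.deny`, which truncates the deny list instead of removing one entry, and the FreeBSD `mv` fails for lack of a source operand. The assignment should read `TMP_FILE=$(mktemp /var/ossec/ossec-hosts.XXXXXXXXXX)` and every later use should be quoted as `"${TMP_FILE}"`. The /dev/urandom fallback only makes the name hard to guess and does not create the file exclusively the way mktemp does, so when mktemp fails it would be safer to fail closed with `unlock; exit 1` than to continue with a hand-built path. The if/elif chain this branch belongs to starts and ends outside the hunk.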