Re: overwrite any file with updatedb
On Wed, 4 Mar 1998 08:41:58 +0100, Sascha Runschke wrote:
>On Tue, Mar 03, 1998 at 01:57:33PM -0500, Bryan Andregg wrote:
>> >That's a solution? Sounds like Russian Roulette. It narrows the
>> >window if danger tremendously, but doesn't eliminate it. There must
>> >be a better answer.
>> The solution is not to patch to make harder to predict file names but to
>> create those files with mkstemp instead of mktemp. Sorry I wasn't more clear
>> in the first place.
>In my humble opinion *any* temporary file created with root-privileges
>should reside in a special tmp directory like /var/adm/tmp or something
>equal. This would deny *any* symlink-attacks, no matter how poor the
>design of the program used is. You cannot rely on something which is not
>proven to be used by everbody. So mktemp and mkstemp, etc. should
>go and make their files in the desired directory if called by uid or euid
You are probably right. The issue in this case is that the files created
aren't owned by root though, they are owned by nobody.
Bryan C. Andregg * <email@example.com> * Red Hat Software
"Donnie were much more 'user-friendly'. May be you selective
about friends:-)" -- Levente Farkas
"Hey, wait a minute, you clowns are on dope!"
-- Owen Cheese in 'Shakes the Clown'
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
Trouble? e-mail to firstname.lastname@example.org .