
Bug#5298: gcc and /tmp security



Package: gcc
Version: 2.7.2.1-1

gcc creates its temporary files in $TMPDIR (default /tmp) and - guess
what? - doesn't use the O_EXCL open() flag!  (verified using strace)
Any user can overwrite files owned by any other user who is running
gcc (including root, so don't do that!) by creating symlinks in /tmp.

Quick workaround: set $TMPDIR to point to some non-world-writable
directory (under $HOME).  This really should be fixed upstream (the
problem is not Linux-specific) but maybe we can do it faster...

Marek
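
The difference the report turns on, as an added example (not gcc's code and not part of the original message): the same predictable temporary name opened without and with `O_EXCL` when a symlink already sits at that name. The file name `cc001234.i`, the helper names and the private scratch directory are constructed for the demonstration.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* The pattern the report describes: no O_EXCL, so an existing symlink is followed. */
static int open_tmp_unsafe(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_TRUNC, 0666);
}

/* O_CREAT|O_EXCL fails with EEXIST if the name exists at all, symlinks included. */
static int open_tmp_excl(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_EXCL, 0600);
}

/* Puts a symlink at the temp name, pointing at another file, then opens the temp
 * name with `opener`. Returns 1 if the other file kept its contents, 0 if not. */
int victim_survives(int (*opener)(const char *)) {
    char dir[] = "/tmp/excl-demo-XXXXXX";          /* private scratch dir (constructed) */
    char victim[64], tmpname[64], buf[8] = {0};
    if (!mkdtemp(dir)) return -1;
    snprintf(victim, sizeof victim, "%s/victim", dir);
    snprintf(tmpname, sizeof tmpname, "%s/cc001234.i", dir);  /* constructed name */

    int fd = open(victim, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (fd < 0 || write(fd, "keep", 4) != 4) return -1;
    close(fd);
    if (symlink(victim, tmpname) != 0) return -1;

    fd = opener(tmpname);                          /* the compiler's temp-file open */
    if (fd >= 0) {
        if (write(fd, "junk", 4) != 4) perror("write");
        close(fd);
    }
    fd = open(victim, O_RDONLY);
    if (fd >= 0) {
        if (read(fd, buf, 4) < 0) buf[0] = '\0';
        close(fd);
    }
    unlink(tmpname); unlink(victim); rmdir(dir);
    return strcmp(buf, "keep") == 0;
}

int main(void) {
    printf("without O_EXCL: %s\n", victim_survives(open_tmp_unsafe) ? "intact" : "overwritten");
    printf("with O_EXCL:    %s\n", victim_survives(open_tmp_excl) ? "intact" : "overwritten");
    return 0;
}
```

In new code, `mkstemp(3)` provides the same exclusive-create guarantee together with an unpredictable name.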
