Re: overwrite any file with updatedb
On Wed, 4 Mar 1998 08:41:58 +0100, Sascha Runschke wrote:
>On Tue, Mar 03, 1998 at 01:57:33PM -0500, Bryan Andregg wrote:
>
>> >That's a solution? Sounds like Russian Roulette. It narrows the
>> >window if danger tremendously, but doesn't eliminate it. There must
>> >be a better answer.
>>
>> The solution is not to patch to make harder to predict file names but to
>> create those files with mkstemp instead of mktemp. Sorry I wasn't more clear
>
>> in the first place.
>
>In my humble opinion *any* temporary file created with root-privileges
>should reside in a special tmp directory like /var/adm/tmp or something
>equal. This would deny *any* symlink-attacks, no matter how poor the
>design of the program used is. You cannot rely on something which is not
>proven to be used by everbody. So mktemp and mkstemp, etc. should
>go and make their files in the desired directory if called by uid or euid
>0.
You are probably right. The issue in this case is that the files created
aren't owned by root though, they are owned by nobody.
--
Bryan C. Andregg * <bandregg@redhat.com> * Red Hat Software
"Donnie were much more 'user-friendly'. May be you selective
about friends:-)" -- Levente Farkas
"Hey, wait a minute, you clowns are on dope!"
-- Owen Cheese in 'Shakes the Clown'
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-request@lists.debian.org .
Trouble? e-mail to templin@bucknell.edu .
Reply to: