Re: /tmp exploits
On Mon, Apr 20, 1998 at 01:20:10PM +0100, Ian Jackson wrote:
> We should modify our libc so that opening a file in /tmp or /var/tmp -
> determined by simple string comparison of the filename passed to
> open(2) - fails if O_CREAT is specified without O_EXCL.
>
> We should do this in slink. That way almost any program with a /tmp
> security hole will stop working straight away and _have_ to be fixed.
And then change libc back, presumably, before making the next stable
release? In that case, I think it may be a good idea.
But how about this: I often extract tar files to a directory in /tmp. If
/home is nfs-mounted, this can be considerably faster, and it gets cleaned
up automatically sooner or later. 'tar' almost certainly doesn't open files
with O_EXCL... maybe it should?
Avery
--
To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to:
- References:
- /tmp exploits
- From: Ian Jackson <ijackson@chiark.greenend.org.uk>