Re: /tmp exploits



Ian Jackson <ijackson@chiark.greenend.org.uk> writes:

> We should modify our libc so that opening a file in /tmp or /var/tmp -
> determined by simple string comparison of the filename passed to
> open(2) - fails if O_CREAT is specified without O_EXCL.
> 
> We should do this in slink.  That way almost any program with a /tmp
> security hole will stop working straight away and _have_ to be fixed.

That seems pretty extreme.

If we are going to do something like that - couldn't we just get rid
of /tmp altogether?

Cheers,

 - Jim
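
The check proposed in the quoted message, sketched as a user-space wrapper rather than a libc change (an added example, not code from this thread or from any libc). The names `strict_open` and `tmp_rule_rejects` and the choice of `EACCES` as the error are assumptions.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* The "simple string comparison" from the proposal: a prefix match on the
 * name as passed in. Relative paths are not resolved by this test. */
static int in_shared_tmp(const char *path)
{
    return strncmp(path, "/tmp/", 5) == 0 ||
           strncmp(path, "/var/tmp/", 9) == 0;
}

/* Returns 1 when the proposed rule would fail the call: O_CREAT without O_EXCL. */
int tmp_rule_rejects(const char *path, int flags)
{
    return in_shared_tmp(path) && (flags & O_CREAT) && !(flags & O_EXCL);
}

/* Hypothetical wrapper applying the rule before calling open(2). */
int strict_open(const char *path, int flags, mode_t mode)
{
    if (tmp_rule_rejects(path, flags)) {
        errno = EACCES;               /* assumed error code */
        return -1;
    }
    return open(path, flags, mode);
}

int main(void)
{
    char path[64];
    snprintf(path, sizeof path, "/tmp/strict-open-demo.%ld", (long)getpid());

    int fd = strict_open(path, O_WRONLY | O_CREAT, 0600);
    printf("O_CREAT alone:    %s\n", fd < 0 ? strerror(errno) : "opened");

    fd = strict_open(path, O_WRONLY | O_CREAT | O_EXCL, 0600);
    printf("O_CREAT | O_EXCL: %s\n", fd < 0 ? strerror(errno) : "opened");
    if (fd >= 0) {
        close(fd);
        unlink(path);                 /* remove the demo file */
    }
    return 0;
}
```

With O_EXCL the call creates the file only if the name does not already exist, which is the behaviour the proposal would force on every creation under /tmp and /var/tmp.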
