Re: checking for /tmp security holes

To: joey@kitenet.net (Joey Hess)
Cc: rjk@greenend.org.uk, debian-devel@lists.debian.org
Subject: Re: checking for /tmp security holes
From: joostje@debian.org
Date: Wed, 11 Nov 1998 10:24:05 +0100 (MET)
Message-id: <[🔎] 199811110924.KAA26730@netsrv.att.cmg.nl>
Reply-to: joostje@debian.org
In-reply-to: <[🔎] 19981110153946.G10305@kitenet.net> from "Joey Hess" at Nov 10, 98 03:39:47 pm

> 
> It just occurred to me that we could probalby use libtricks or strace to
> find all access to /tmp during a debian install, and then grep out the safe
> ones. Would be an interesting project.

Yeah, you can. And especially for that purpose I've written that
`trick-chktmp' script. Just use that as your shell (or start it
with `trick-chktmp tcsh' if you prefer tcsh), and you'll get a message
to stderr for every suspicious write to /tmp.

Note that those messages to stderr can easily be sent to syslog, or to
a file of your choise. See the script, in combination with 
trick-logopen (that sends stuff to a file).

BTW, please use libtricks_0.2-2, as that will present you with a lot
less neasty surprises than libtricks_0.2-1. (no, there weren't really
bugs in -1, everything was accoring docs, but then the docs said not
to use chars like ')', or ':' inside double quotes. Not what you'd
expect. That has been removed in -2).

joost (joostje@debian.org)

Reply to:

References:
- Re: checking for /tmp security holes
  - From: Joey Hess <joey@kitenet.net>

Prev by Date: Re: libgtk1.1
Next by Date: Re: checking for /tmp security holes
Previous by thread: Re: checking for /tmp security holes
Next by thread: help translating docs to Russian
Index(es):
- Date
- Thread