Re: checking for /tmp security holes
>
>
> --XsQoSWH+UP9D9v3l
> Content-Type: text/plain; charset=us-ascii
>
> Previously Joey Hess wrote:
> > It just occurred to me that we could probalby use libtricks or strace to
> > find all access to /tmp during a debian install, and then grep out the safe
> > ones. Would be an interesting project.
>
> strace -f -e file dpkg -i xxx.deb 2| grep ^open
Yes, that should also work. But then libtricks (or rahter
the trick-chktmp script) will only report the suspicious open's to
/tmp, not every open. Of cource one can write a regular expression
for grep so that the above line also only reports the suspicous
open's to /tmp, but I doubt strace will be very fast :)
joost
Reply to: