Dmitry E. Oboukhov wrote: >>>> A while ago, the use of libpam-tmpdir was suggested in order to mitigate >>>> some of these attacks. It would be nice to see it in use by default, some >>>> day. >>>> Obviously there will always be some programs that don't look at the >>>> TMPDIR environment variable and directly use /tmp. >>> write file to /tmp/filename == write file to $TMPDIR/filename >>> both cases are security holes if TMPDIR=/tmp :) > >> The idea behind libpam-tmpdir is that it creates a subdirectory of /tmp >> that is only accessible by that user, and then sets TMPDIR and other >> variables to that. Hence, it doesn't matter nearly as much if you >> create a non-random filename, because nobody but you can access it. > > Yes, but > scripts must use $TMPDIR instead '/tmp' or mktemp/tempfile utils :) tempfile uses $TMPDIR by default :) -- Eugene V. Lyubimkin aka JackYF, Ukrainian C++ developer.
Description: OpenPGP digital signature