[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: CVE-2008-5378: possible symlink attacks

Andreas Tille wrote:

> Hi,
> when I started manitaining arb I noticed that the program might crash
> under some seldom occurrences.  To enable the users to start cleanly
> another instance I enhanced the scripts provided by upstream which
> basically parse a file containing the PIDs of the main arb processes.
> These files are stored under
>      /tmp/arb_pids_${USER}_${ARB_PID}

<snip details>

> Currently I see two options:
>    1. Do not install arb_{clean,panic} any more in the binary package
>       and advise the user in the docs what to do in case of a problem.
>    2. Make the temp file save against symlink attacks.  The question
>       I have for this case which should probably be prefered is: How
>       can I savely teach an independent script about the PIDs of a
>       crashed program that should be stopped.  I think random file names
>       will not really work here or do I miss something?

How about using $HOME/.arb/pids_${ARB_PID} and cleaning it up on exit?


  Felipe Sateler

Reply to: