Re: CVE-2008-5378: possible symlink attacks
Andreas Tille wrote:
> Hi,
>
> when I started manitaining arb I noticed that the program might crash
> under some seldom occurrences. To enable the users to start cleanly
> another instance I enhanced the scripts provided by upstream which
> basically parse a file containing the PIDs of the main arb processes.
> These files are stored under
>
> /tmp/arb_pids_${USER}_${ARB_PID}
>
<snip details>
> Currently I see two options:
>
> 1. Do not install arb_{clean,panic} any more in the binary package
> and advise the user in the docs what to do in case of a problem.
> 2. Make the temp file save against symlink attacks. The question
> I have for this case which should probably be prefered is: How
> can I savely teach an independent script about the PIDs of a
> crashed program that should be stopped. I think random file names
> will not really work here or do I miss something?
How about using $HOME/.arb/pids_${ARB_PID} and cleaning it up on exit?
--
Felipe Sateler
Reply to: