[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: severity for bugs in ignoring TMP/TMPDIR?

Ben Hutchings <ben@decadent.org.uk> writes:

> The test should be for non-random names *or* missing O_EXCL.  Use of an
> entirely predictable name with O_EXCL allows a DoS and use of a
> pseudo-random name without O_EXCL may still be exploitable for
> overwriting other files if the attacker can try repeatedly.

Sometimes there are no good options other than using O_EXCL with a
predictable name because the name is used as a rendezvous point.  This is
the case in some (non-default) configurations for Kerberos tickets, for

But yes, it's not ideal.

Russ Allbery (rra@debian.org)               <http://www.eyrie.org/~eagle/>

Reply to: