Re: So I received a gpg-signed email, can I trust it?
* Enrico Zini <enrico@enricozini.org>, 2016-07-08, 11:21:
> $ mkdir /tmp/keyring
> $ chmod 0700 /tmp/keyring
This way of creating a directory inaccessible to others is racy. Between
the mkdir and chmod calls, the directory could be opened by an attacker (and
then kept open forever). A non-racy way looks like this:
$ mkdir -m 0700 foobar
And you really shouldn't use /tmp as a personal scratch space.
/tmp is world-writable and therefore not suitable for this purpose.
(Yes, I realize that these are just examples. But let's not teach people
bad habits.)
--
Jakub Wilk
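Added example, not code from either message in this thread: the two mkdir patterns discussed above side by side, a mktemp-based scratch directory kept out of /tmp, and a check a script can run before it trusts a directory as a private keyring location. It assumes a POSIX sh with mkdir -m, mktemp -d, id, and either GNU or BSD stat; the function names are my own.

```shell
#!/bin/sh
# Constructed example for the mkdir/chmod race discussed in the thread.

# Racy pattern: between mkdir(2) and chmod(2) the directory exists with
# umask-derived permissions, so another local user may open it in that window.
make_dir_racy() {
    mkdir "$1" && chmod 0700 "$1"
}

# Non-racy pattern: the mode is passed to the single mkdir(2) call, so there
# is no moment at which the directory is accessible to anyone else.
make_dir_private() {
    mkdir -m 0700 "$1"
}

# Private scratch directory: mktemp -d atomically creates a uniquely named
# 0700 directory. Rooting it in $XDG_RUNTIME_DIR or $HOME instead of /tmp
# keeps it out of the world-writable shared directory.
make_scratch_dir() {
    mktemp -d "${XDG_RUNTIME_DIR:-$HOME}/keyring.XXXXXX"
}

# stat wrapper: $1 GNU format, $2 BSD format, $3 path.
stat_field() {
    stat -c "$1" "$3" 2>/dev/null || stat -f "$2" "$3"
}

# Octal permission bits of a path, e.g. "700".
dir_mode() {
    stat_field '%a' '%OLp' "$1"
}

# Defensive check before using a directory for keys: it must be a real
# directory (not a symlink), owned by us, with no group/other bits set.
check_private_dir() {
    dir="$1"
    [ ! -L "$dir" ] && [ -d "$dir" ] || return 1
    [ "$(stat_field '%u' '%u' "$dir")" = "$(id -u)" ] || return 1
    [ $(( 0$(dir_mode "$dir") & 077 )) -eq 0 ] || return 1
}
```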