Re: shell programming

To: Chris Frey <cdfrey@foursquare.net>
Cc: debian-isp@lists.debian.org, recipient list not shown: ;
Subject: Re: shell programming
From: <charlesiii@theverge.com>
Date: Wed, 12 Jan 2000 23:28:11 -0400 (AST)
Message-id: <[🔎] Pine.LNX.4.21.0001122326460.29398-100000@theverge.com>
In-reply-to: <[🔎] 20000112222402.A17061@foursquare.net>

It is best not to use /tmp at all , just use a private
temp directory that only root can read.

> You'll want to keep in mind that scripts like this can be a security
> hazzard.  You'll likely want to have a directory that only the user that
> is running this script can write to, to avoid symlinks that overwrite
> or create important files. (such as /etc/nologin or ~/.rhosts)
> 
> i.e. if "/tmp/$$.out" is a symlink that points to /etc/nologin, and this
> script is run as root, /etc/nologin will be created, possibly resulting
> in a denial of service.
> 
> - Chris
> 
> -- 
> -------------------------------------------
> "Chase the dream, not the competition."
>      - motto of the Nemesis Air Racing Team
> 
> 
> --  
> To UNSUBSCRIBE, email to debian-isp-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> 
>

Reply to:

References:
- Re: shell programming
  - From: Chris Frey <cdfrey@foursquare.net>

Prev by Date: Re: shell programming
Next by Date: Re: detecting/killing eggdrops thru cron
Previous by thread: Re: shell programming
Next by thread: measure disk I/O & use SCSI or IDE?
Index(es):
- Date
- Thread