Re: ITS: webfs (updated package)

To: debian-mentors@lists.debian.org
Subject: Re: ITS: webfs (updated package)
From: Jakub Wilk <jwilk@debian.org>
Date: Fri, 3 Dec 2010 15:39:05 +0100
Message-id: <[🔎] 20101203143905.GA4550@jwilk.net>
Mail-followup-to: debian-mentors@lists.debian.org
In-reply-to: <[🔎] 20101203135439.GA17637@mea.homelinux.org>
References: <[🔎] 20101202225340.GA10720@mea.homelinux.org> <[🔎] 4CF8DAE8.6040006@schmehl.info> <[🔎] 20101203122112.GA16950@mea.homelinux.org> <[🔎] 4CF8E5F8.60607@debian.org> <[🔎] 20101203125456.GA2984@jwilk.net> <[🔎] 20101203135439.GA17637@mea.homelinux.org>

* Mats Erik Andersson <mats.andersson@gisladisker.se>, 2010-12-03, 14:54:

In the particular case at hand, I am dealing with the removal of
a temporary file, used with mktemp at creation time, so one small
breach would be that a malicious intruded managed to find the file
name, and to delete said file, before the purge action came to its
conclusion.


The intruder would need root privileges to remove the file, wouldn't he?

--
Jakub Wilk

Reply to:

Follow-Ups:
- Re: ITS: webfs (updated package)
  - From: Mats Erik Andersson <mats.andersson@gisladisker.se>

References:
- RFS: webfs (updated package)
  - From: Mats Erik Andersson <mats.andersson@gisladisker.se>
- ITS: webfs (updated package)
  - From: Alexander Reichle-Schmehl <alexander@schmehl.info>
- Re: ITS: webfs (updated package)
  - From: Mats Erik Andersson <mats.andersson@gisladisker.se>
- Re: ITS: webfs (updated package)
  - From: Alexander Reichle-Schmehl <tolimar@debian.org>
- Re: ITS: webfs (updated package)
  - From: Jakub Wilk <jwilk@debian.org>
- Re: ITS: webfs (updated package)
  - From: Mats Erik Andersson <mats.andersson@gisladisker.se>

Prev by Date: The keypad and Policy 9.8
Next by Date: Re: ITS: webfs (updated package)
Previous by thread: Re: ITS: webfs (updated package)
Next by thread: Re: ITS: webfs (updated package)
Index(es):
- Date
- Thread