[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: insecure temporary file creation

* Colin Phipps 

| It's a crude hack but works well. I have a version for 2.4.x which I didn't
| get around to uploading yet. There may be a better patch around, it's awhile
| since I looked; I'd be interested to know if anyone finds a better way of 
| detection.

libc hooks.  I don't like playing around in the kernel, but by using
libc hooks and ld.so.preload, you can trace all this in userspace
without risking too much.  The downside is that it doesn't work with
statically linked binaries.

Also, adding the pam-tmpdir-module might be a start as well.


Tollef Fog Heen
Unix _IS_ user friendly... It's just selective about who its friends are.

Reply to: