[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: symlink attack

On Sat, Oct 30, 2004 at 05:35:33PM +0200, Mark-Walter@t-online.de wrote:
> I'am interested to obtain information how an unsecure
> usage of the directory /tmp is to be avoided within 
> a project which is called symlink attack.

man 1 mktemp

> Especially I'am interested if it's a difference to have
> quota deactivated and a user is filling your hardisk
> to the limit, or not.

When there is *no* space, symlink attacks are not possible, obviously.
But the cure is more harsh than the disease, as a Debian system with no
disk space can go awry in interesting ways...


Attachment: pgpQEXfm2qHcs.pgp
Description: PGP signature

Reply to: