[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: "... creates temporary files in an insecure manner." Tutorial?

On Mon, 20 Nov 2006 21:33:14 -0700, s. keeling wrote:

> [This message has also been posted.]
> I'm looking at:
> 
>    Subject: [SECURITY] [DSA 1216-1] New flexbackup packages fix denial of service
> 
> and I see, yet again:
> 
>    Eric Romang discovered that the flexbackup backup tool creates
>    temporary files in an insecure manner, which allows denial of
>    service through a symlink attack.
> 
> Thanks Eric, and no I'm not dissing flexbackup.  I'm also not an
> expert.
> 
> I'm wondering whether there might be some "secure temporary file
> checklist" which should be part of the
> indoctrination<ESC><BackSpace>initiation phase for DDs?
> 
> Is something like:
> 
>    OUT_FILE=`/bin/mktemp -t chkrootkit.XXXXXXXXXX`
> 
> useful information?  Again, I'm no expert.  I'm trying to learn.

The Secure Programming for Linux and Unix HOWTO has lots of useful into in
sec 7.10, at
<http://www.dwheeler.com/secure-programs/Secure-Programs-HOWTO/avoid-race.html#TEMPORARY-FILES>.

There was talk some time ago about using libpam-tmpdir by default on
Debian systems, which would eliminate most of these flaws, but discussion
died out without reaching a conclusion.

-- 
Sam Morris
http://robots.org.uk/

PGP key id 1024D/5EA01078
3412 EA18 1277 354B 991B  C869 B219 7FDB 5EA0 1078
Reply to: