Re: "... creates temporary files in an insecure manner." Tutorial?
On Mon, 20 Nov 2006 21:33:14 -0700, s. keeling wrote:
> [This message has also been posted.]
> I'm looking at:
>
> Subject: [SECURITY] [DSA 1216-1] New flexbackup packages fix denial of service
>
> and I see, yet again:
>
> Eric Romang discovered that the flexbackup backup tool creates
> temporary files in an insecure manner, which allows denial of
> service through a symlink attack.
>
> Thanks Eric, and no I'm not dissing flexbackup. I'm also not an
> expert.
>
> I'm wondering whether there might be some "secure temporary file
> checklist" which should be part of the
> indoctrination<ESC><BackSpace>initiation phase for DDs?
>
> Is something like:
>
> OUT_FILE=`/bin/mktemp -t chkrootkit.XXXXXXXXXX`
>
> useful information? Again, I'm no expert. I'm trying to learn.
The Secure Programming for Linux and Unix HOWTO has lots of useful info in
sec 7.10, at
<http://www.dwheeler.com/secure-programs/Secure-Programs-HOWTO/avoid-race.html#TEMPORARY-FILES>.
There was talk some time ago about using libpam-tmpdir by default on
Debian systems, which would eliminate most of these flaws, but discussion
died out without reaching a conclusion.
--
Sam Morris
http://robots.org.uk/
PGP key id 1024D/5EA01078
3412 EA18 1277 354B 991B C869 B219 7FDB 5EA0 1078
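As an added example (not from this thread, and not flexbackup's own code), a POSIX shell version of the "secure temporary file checklist" the poster asks about: mktemp into a private directory, a re-check that the path is a 0600 regular file and not a symlink, and cleanup on exit. The program name "flexbackup" is only a label and the function names are assumed.

```shell
#!/bin/sh
# Added example (not from the thread, not flexbackup's own code): a small
# "secure temp file" pattern for shell scripts. "flexbackup" is only a label.

# Insecure classic, shown for contrast and NOT used below:
#   OUT_FILE=/tmp/flexbackup.$$
#   > "$OUT_FILE"
# The name is predictable and the create is not exclusive, so whatever
# already sits at that path (e.g. a symlink) is silently followed.

# Create a private 0700 directory under $TMPDIR (default /tmp) and the
# work file inside it. mktemp(1) creates both with O_EXCL, so an entry
# already present at the chosen name makes it fail instead of being
# reused, and later files in the directory are out of other users' reach.
make_tmpfile() {
    _dir=$(mktemp -d "${TMPDIR:-/tmp}/flexbackup.XXXXXXXXXX") || return 1
    _file=$(mktemp "$_dir/out.XXXXXXXXXX") || { rmdir "$_dir"; return 1; }
    printf '%s\n' "$_file"
}

# Defensive re-check before writing: not a symlink (-h, tested first
# because -f follows links), a regular file, and mktemp's 0600 mode.
# The ls -ld mode field is the same on GNU and BSD, so this stays portable.
tmpfile_is_safe() {
    [ ! -h "$1" ] && [ -f "$1" ] || return 1
    case "$(ls -ld "$1")" in
        -rw-------*) return 0 ;;
        *)           return 1 ;;
    esac
}

# Remove the whole private directory (file included).
cleanup_tmp() {
    rm -rf "$1"
}

# Usage: create, verify, use, and clean up on exit, SIGHUP, SIGINT, SIGTERM.
OUT_FILE=$(make_tmpfile) || exit 1
trap 'cleanup_tmp "$(dirname "$OUT_FILE")"' 0 1 2 15
tmpfile_is_safe "$OUT_FILE" || exit 1
printf 'scan results go here\n' > "$OUT_FILE"
```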