
Re: [Fwd: Etch's and Lenny's mktemp seriously broken]



On 2008-08-16 13:44 +0200, Tzafrir Cohen wrote:

> On Fri, Aug 15, 2008 at 10:56:06PM +0200, Sven Joachim wrote:
>> It opens precisely the can of worms that mktemp was supposed to close,
>> see the mktemp(1) and mktemp(3) manpages.  Look for "symlink attack" in
>> your preferred Web search engine.
>
> And what BadThings happen due to that unlink?

An attacker may recreate the file as a symlink to some other file whose
contents will be overwritten when your shell script later writes to it.

Sven
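
The race described in this message, as an added example that is not part of the original mail or of any script from the thread. The function names, the scratch directory and the "victim" file are constructed for illustration, and the script plants the symlink itself to stand in for another local user acting between the unlink and the later write:

```shell
#!/bin/sh
# Constructed demo; everything happens inside a private scratch directory.

# Unsafe: reserve a name with mktemp, unlink it, write to the name later.
# $1 = scratch dir, $2 = file standing in for somebody else's data.
# Prints the content of $2 after the write.
unsafe_pattern() {
    tmp=$(mktemp "$1/demo.XXXXXX") || return 1
    rm -f "$tmp"                  # the unlink in question: the name is free again
    ln -s "$2" "$tmp"             # stand-in for another user recreating the name
    echo "script data" > "$tmp"   # the redirection follows the symlink
    cat "$2"
}

# Safe: keep the file that mktemp created exclusively and write to that.
# The same symlink attempt fails because the name is still occupied.
safe_pattern() {
    tmp=$(mktemp "$1/demo.XXXXXX") || return 1
    if ln -s "$2" "$tmp" 2>/dev/null; then
        echo "unexpected: symlink replaced an existing file" >&2
        return 1
    fi
    echo "script data" > "$tmp"   # lands in the script's own regular file
    cat "$2"
}

scratch=$(mktemp -d) || exit 1
trap 'rm -rf "$scratch"' EXIT

echo "precious" > "$scratch/victim"
echo "victim after unsafe pattern: $(unsafe_pattern "$scratch" "$scratch/victim")"

echo "precious" > "$scratch/victim"
echo "victim after safe pattern:   $(safe_pattern "$scratch" "$scratch/victim")"
```

In a sticky directory such as /tmp, other users cannot remove or rename a file the script still owns, which is why keeping the mktemp file in place closes the window.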

