[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Disabling /tmp watch in RawHide



Hey,

Over the last four years I have found and reported several
vulnerabilities in various apps that have use /tmp insecurely.  A
great many of them were discovered by merely looking in /tmp
once a week or so at some of the files left behind.

By default you guys have tmpwatch turned on, and I think that in
RawHide and test builds this should be disabled so these kinds of
security bugs can be found easier before releases.  Yes I know /tmp
can get messy with legitimate files (though most of the files left in
/tmp SHOULD NOT be there), however I think the benefits of disabling by
default on testing environments will get a great many more eyes spotting
general bugs with some program /tmp usage.

For instance I installed Fedora Core Test 3 release last weekend.  I
turned off tmpwatch, and voila, without even trying I found 4 insecure
file uses between 3 packages.  I did nothing to find these except ls
through my /tmp and then track down the offenders.  I guess this is
probably something that will be debated, or shot down immediately, but
still I'm throwing it out there.  Without tmpwatch people WILL notice
more insecure /tmp usage, even if by only the broken usages (i.e.
leaving the files behind).  Any thoughts?

-sb
--- Begin Message ---
Hey,

Over the last four years I have found and reported several
vulnerabilities in various apps that have use /tmp insecurely.  A great
many of them were discovered by merely looking in /tmp once a week or so
at some of the files left behind.

By default you guys have tmpwatch turned on, and I think that in RawHide
and test builds this should be disabled so these kinds of security bugs
can be found easier before releases.  Yes I know /tmp can get messy with
legitimate files (though most of the files left in /tmp SHOULD NOT be
there), however I think the benefits of disabling by default on testing
environments will get a great many more eyes spotting general bugs with
some program /tmp usage.

For instance I installed Fedora Core Test 3 release last weekend.  I
turned off tmpwatch, and voila, without even trying I found 4 insecure
file uses between 3 packages.  I did nothing to find these except ls
through my /tmp and then track down the offenders.  I guess this is
probably something that will be debated, or shot down immediately, but
still I'm throwing it out there.  Without tmpwatch people WILL notice
more insecure /tmp usage, even if by only the broken usages (i.e.
leaving the files behind).  Any thoughts?

-sb

--- End Message ---

Attachment: signature.asc
Description: This is a digitally signed message part


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]