
Re: Disabling /tmp watch in RawHide



On Mon, 2003-11-03 at 18:02, Paul Jakma wrote:
> On Mon, 3 Nov 2003, Stan Bubrouski wrote:
> 
> > more insecure /tmp usage, even if by only the broken usages (i.e.
> > leaving the files behind).  Any thoughts?
> 
> Leaving the files behind does not automatically indicate the app 
> created/used tmp files insecurely.
> 

Yes, I'm well aware there are files and directories which by tradition
and convenience exist in /tmp.

> what are the apps, and what is the insecure behavior in them?
> 

This is not the appropriate forum to discuss unannounced bugs; however,
take for example a program that blindly creates a file in /tmp with a
predictable or even static name and follows symlinks, allowing files to
be overwritten.  With tmpwatch on, this bad behavior is masked because
the files it might leave behind are deleted and may go for several
releases before being caught, if ever.  Like I said, I think this is
definitely something to consider, because we can get a more secure
system as a result.

Take for example this:
http://www.securityfocus.com/archive/1/343038/2003-10-31/2003-11-06/0

-sb

Attachment: signature.asc
Description: This is a digitally signed message part
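
The pattern described in the message above (a static name opened without exclusivity, so a pre-existing symlink is followed) shown beside a hardened open; this is an added example, not part of the original post or of any program it refers to. The names `unsafe_create`, `safe_create`, `app.tmp` and `precious` are hypothetical, and everything happens inside a private `mkdtemp()` directory.

```c
#define _DEFAULT_SOURCE               /* for mkdtemp() and symlink() */
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Pattern from the message: static name, existing entry reused, symlink followed. */
static int unsafe_create(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_TRUNC, 0600);
}

/* Hardened: O_EXCL refuses any pre-existing name, including a symlink. */
static int safe_create(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
}

static long file_size(const char *path) {
    struct stat st;
    return stat(path, &st) == 0 ? (long)st.st_size : -1;
}

static void write_file(const char *path, const char *data) {
    FILE *f = fopen(path, "w");
    if (f) { fputs(data, f); fclose(f); }
}

/* Bit 0: unsafe open truncated the link target.
   Bit 1: safe open was refused and the target kept its 15 bytes. */
int demo(void) {
    char dir[] = "/tmp/symdemo.XXXXXX";           /* constructed private scratch dir */
    char target[64], tmp[64];
    int result = 0, fd;
    if (!mkdtemp(dir)) return -1;
    snprintf(target, sizeof target, "%s/precious", dir);
    snprintf(tmp, sizeof tmp, "%s/app.tmp", dir); /* the static temp name */
    write_file(target, "important data\n");
    if (symlink(target, tmp) != 0) return -1;     /* name already taken by a link */
    if ((fd = unsafe_create(tmp)) >= 0) close(fd);
    if (file_size(target) == 0) result |= 1;
    write_file(target, "important data\n");       /* restore, then try the safe open */
    fd = safe_create(tmp);
    if (fd < 0 && file_size(target) == 15) result |= 2;
    if (fd >= 0) close(fd);
    unlink(tmp); unlink(target); rmdir(dir);
    return result;
}

int main(void) { printf("result=%d (3 = both behaviours observed)\n", demo()); return 0; }
```

For files that need no fixed name, `mkstemp()` gives the same exclusive-create guarantee with an unpredictable name.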

