
Re: Disabling /tmp watch in RawHide

On Mon, 3 Nov 2003, Stan Bubrouski wrote:

>Over the last four years I have found and reported several
>vulnerabilities in various apps that use /tmp insecurely.  A
>great many of them were discovered by merely looking in /tmp
>once a week or so at some of the files left behind.
>By default you guys have tmpwatch turned on, and I think that in
>RawHide and test builds this should be disabled so these kinds of
>security bugs can be found easier before releases.  Yes I know /tmp
>can get messy with legitimate files (though most of the files left in
>/tmp SHOULD NOT be there), however I think the benefits of disabling by
>default on testing environments will get a great many more eyes spotting
>general bugs with some program /tmp usage.
>For instance I installed Fedora Core Test 3 release last weekend.  I
>turned off tmpwatch, and voila, without even trying I found 4 insecure
>file uses between 3 packages.  I did nothing to find these except ls
>through my /tmp and then track down the offenders.  I guess this is
>probably something that will be debated, or shot down immediately, but
>still I'm throwing it out there.  Without tmpwatch people WILL notice
>more insecure /tmp usage, even if by only the broken usages (i.e.
>leaving the files behind).  Any thoughts?

This is IMHO an absolutely fantastic idea.  I'm forwarding it 
internally in case any shmuckheads aren't reading this list.  ;o)

Mike A. Harris     ftp://people.redhat.com/mharris
OS Systems Engineer - XFree86 maintainer - Red Hat
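The audit described in the thread (look at what is left behind in /tmp and track down the offender) can be scripted. The following is an added example, not code from the thread, from Red Hat or from tmpwatch. It builds a constructed sample directory standing in for /tmp, flags leftovers with the properties that usually accompany insecure temp-file handling (fixed, predictable names; world-writable modes; symlinks), and shows the fixed-name pattern beside the mkstemp pattern. The "predictable name" test is a heuristic of my own (no run of six or more mixed letters and digits) and the file names are invented.

```python
"""Audit a temp directory for leftover files that hint at insecure /tmp usage."""
import os
import re
import stat
import tempfile

# Heuristic (assumption, not a standard): a name is "predictable" unless it
# contains a run of >= 6 alphanumerics mixing letters and digits, the shape
# mkstemp()-style random suffixes usually have.
_RUN = re.compile(r"[A-Za-z0-9_]+")


def looks_predictable(name):
    for run in _RUN.findall(name):
        if (len(run) >= 6
                and any(c.isdigit() for c in run)
                and any(c.isalpha() for c in run)):
            return False
    return True


def classify_entry(path):
    """Return a list of findings for one directory entry (empty if clean)."""
    findings = []
    st = os.lstat(path)          # lstat: do not follow symlinks while auditing
    name = os.path.basename(path)
    if stat.S_ISLNK(st.st_mode):
        # A symlink under a fixed name is the classic sign of a squatted path.
        findings.append("symlink")
    if looks_predictable(name):
        findings.append("predictable-name")
    if not stat.S_ISLNK(st.st_mode):
        if st.st_mode & stat.S_IWOTH:
            findings.append("world-writable")
        if (stat.S_ISDIR(st.st_mode) and st.st_mode & stat.S_IWOTH
                and not st.st_mode & stat.S_ISVTX):
            findings.append("world-writable-dir-without-sticky-bit")
    return findings


def audit_tmp(directory):
    """Map each suspicious entry name in `directory` to its findings."""
    report = {}
    for name in sorted(os.listdir(directory)):
        findings = classify_entry(os.path.join(directory, name))
        if findings:
            report[name] = findings
    return report


def insecure_tempfile(directory, name="myapp.log"):
    """The pattern the post complains about: fixed name, open() follows an
    existing symlink, permissive mode, and nobody removes it afterwards."""
    path = os.path.join(directory, name)
    with open(path, "w") as fh:
        fh.write("scratch\n")
    os.chmod(path, 0o666)
    return path


def secure_tempfile(directory):
    """Safer pattern: mkstemp uses O_CREAT|O_EXCL, mode 0600 and a random
    suffix; the caller is responsible for unlinking the file when done."""
    fd, path = tempfile.mkstemp(prefix="myapp-", dir=directory)
    with os.fdopen(fd, "w") as fh:
        fh.write("scratch\n")
    return path


def build_sample_dir():
    """Constructed stand-in for /tmp (assumption: names and contents invented)."""
    d = tempfile.mkdtemp(prefix="tmp-audit-demo-")
    insecure_tempfile(d, "myapp.log")
    # Dangling symlink under a fixed name, as an example of a squatted path.
    os.symlink("/nonexistent/target", os.path.join(d, "editor.lock"))
    secure_tempfile(d)
    return d


if __name__ == "__main__":
    sample = build_sample_dir()
    for entry, why in audit_tmp(sample).items():
        print(f"{entry}: {', '.join(why)}")
```

Run it against a real /tmp with `audit_tmp("/tmp")` on a test box where tmpwatch has been turned off, as the post suggests; the mkstemp-created file may still trip the name heuristic by chance, which is why the mode and symlink checks carry more weight than the name check.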
