Re: temp files for security/logcheck
From: Kris Kennaway (kris@obsecurity.org)
Date: 03/11/01
- Next message: Greg White: "Re: temp files for security/logcheck"
- Previous message: jomor: "IPSEC tunnel & setkey, How do I tell if setkey worked?"
- In reply to: Dan Langille: "Re: temp files for security/logcheck"
- Next in thread: Greg White: "Re: temp files for security/logcheck"
- Reply: Greg White: "Re: temp files for security/logcheck"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 10 Mar 2001 22:53:46 -0800 From: Kris Kennaway <kris@obsecurity.org> To: Dan Langille <dan@langille.org>
On Sun, Mar 11, 2001 at 05:47:58PM +1300, Dan Langille wrote:
> AFAIK, the files disappear each time the script is run:
>
> umask 077
> rm -f $TMPDIR/check.$$ $TMPDIR/checkoutput.$$
[...]
Blah, that's an insecure way to create files in $TMPDIR (which is
usually /tmp). It needs to use mktemp(1).
Kris
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
- application/pgp-signature attachment: stored
- Next message: Greg White: "Re: temp files for security/logcheck"
- Previous message: jomor: "IPSEC tunnel & setkey, How do I tell if setkey worked?"
- In reply to: Dan Langille: "Re: temp files for security/logcheck"
- Next in thread: Greg White: "Re: temp files for security/logcheck"
- Reply: Greg White: "Re: temp files for security/logcheck"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
