Re: temp files for security/logcheck
From: Greg White (gregw-freebsd-security@greg.cex.ca)
Date: 03/11/01
- Next message: Dan Langille: "Re: temp files for security/logcheck"
- Previous message: Kris Kennaway: "Re: temp files for security/logcheck"
- In reply to: Kris Kennaway: "Re: temp files for security/logcheck"
- Next in thread: Dan Langille: "Re: temp files for security/logcheck"
- Reply: Dan Langille: "Re: temp files for security/logcheck"
- Reply: Kris Kennaway: "Re: temp files for security/logcheck"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 10 Mar 2001 23:08:43 -0800 From: Greg White <gregw-freebsd-security@greg.cex.ca> To: FreeBSD Security <freebsd-security@freebsd.org>
On Sat, Mar 10, 2001 at 10:53:46PM -0800, Kris Kennaway wrote:
> On Sun, Mar 11, 2001 at 05:47:58PM +1300, Dan Langille wrote:
> > AFAIK, the files disappear each time the script is run:
> >
> > umask 077
> > rm -f $TMPDIR/check.$$ $TMPDIR/checkoutput.$$
>
> [...]
>
> Blah, that's an insecure way to create files in $TMPDIR (which is
> usually /tmp). It needs to use mktemp(1).
>
> Kris
It is in general, but not in this case. The script and the directory are
mode 0700 -- this makes it difficult for it to be insecure. $TMPDIR is
explicitly set.
--
Greg White
Those who make peaceful revolution impossible will make violent
revolution inevitable.
-- John F. Kennedy
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
- Next message: Dan Langille: "Re: temp files for security/logcheck"
- Previous message: Kris Kennaway: "Re: temp files for security/logcheck"
- In reply to: Kris Kennaway: "Re: temp files for security/logcheck"
- Next in thread: Dan Langille: "Re: temp files for security/logcheck"
- Reply: Dan Langille: "Re: temp files for security/logcheck"
- Reply: Kris Kennaway: "Re: temp files for security/logcheck"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
