[11311] in bugtraq


Re: user flags in public temp space (was Re: chflags() [heads up])

daemon@ATHENA.MIT.EDU (Darren Reed)
Mon Aug 9 15:14:09 1999

Content-Type: text
Message-Id:  <199908071245.WAA04869@cheops.anu.edu.au>
Date:         Sat, 7 Aug 1999 22:45:31 +1000
Reply-To: Darren Reed <avalon@COOMBS.ANU.EDU.AU>
From: Darren Reed <avalon@COOMBS.ANU.EDU.AU>
X-To:         Tim Fletcher <tim@night-shade.demon.co.uk>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To:  <Pine.LNX.4.10.9908070233300.8149-100000@night-shade.parrswood.org> from "Tim Fletcher" at Aug 7,
              99 02:43:59 am

In some mail from Tim Fletcher, sie said:
>
> > I think I defeated myself in trying to explain the implementation I was
> > trying to describe.  For each user, when they log in, a virtual /tmp is
> > created and that is shared between all sessions that user has.  This is
> > set up at login time and is carried forth to all children, root or not,
> > and cannot be reset (somewhat akin to chroot) unless devious methods are
> > employed (i.e. write to /dev/mem).
> >
> > So if I have 10 logins to host foo, each login sees the same /tmp, even
> > the root shells I generate via su/sudo in half.  If I log in as root, I
> > don't have the same /tmp (I get a different one).  cron/at jobs would
> > be no different.  So the `real' /tmp could even be 755 root.wheel.
>
> Although it does rather cripple /tmp in another way: That of sharing
> information between users. If I tell another user that the file s/he wants
> is in /tmp (as my /home/tim dir is 711 with most files 600) I don't have
> to mess with file perms and s/he doesn't have to get the exact right name
> to read the file.

Why do they need to access your home dir?  You're making assumptions
which you probably shouldn't...
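
A userland approximation of the per-user /tmp described in the quoted text, as an added example that is not part of the original message: every session of one user resolves to the same private directory, and a pre-planted symlink or loosely permissioned directory is refused. The function name `per_user_tmp` and the base directory layout are assumptions; the thread describes a kernel-level mapping, which this sketch does not implement.

```shell
#!/bin/sh
# Added example (not from the thread): per-user temp directory chosen at
# login time, so all sessions of one uid share it and no other uid does.
# "base" stands in for a root-owned instance directory (hypothetical layout).

# per_user_tmp BASE [UID]
# Prints BASE/UID, creating it with mode 0700 if it does not exist.
# Returns non-zero if the path exists but is not a safe private directory.
per_user_tmp() {
    base=$1
    uid=${2:-$(id -u)}
    dir=$base/$uid

    # mkdir without -p is an atomic create: it fails if anything, including
    # a symlink planted by another user, already occupies the name.
    if mkdir -m 700 "$dir" 2>/dev/null; then
        printf '%s\n' "$dir"
        return 0
    fi

    # The name already exists: accept it only if it is a real directory...
    if [ -L "$dir" ] || [ ! -d "$dir" ]; then
        echo "refusing $dir: not a real directory" >&2
        return 1
    fi
    # ...owned by the calling user...
    if [ ! -O "$dir" ]; then
        echo "refusing $dir: owned by someone else" >&2
        return 1
    fi
    # ...with no group or other access.
    case $(ls -ld "$dir") in
        drwx------*) ;;
        *) echo "refusing $dir: mode is not 0700" >&2; return 1 ;;
    esac
    printf '%s\n' "$dir"
}

# Typical use from a login script (path is a placeholder):
#   TMPDIR=$(per_user_tmp /var/tmp-inst) && export TMPDIR
```
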
