[11329] in bugtraq
Re: user flags in public temp space (was Re: chflags() [heads up
daemon@ATHENA.MIT.EDU (Adam Morris)
Tue Aug 10 04:41:44 1999
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 8bit
Mime-Version: 1.0
Message-Id: <XFMail.990809103725.Adam.Morris@onyx.net>
Date: Mon, 9 Aug 1999 10:37:25 +0100
Reply-To: Adam Morris <Adam.Morris@ONYX.NET>
From: Adam Morris <Adam.Morris@ONYX.NET>
X-To: Darren Reed <avalon@COOMBS.ANU.EDU.AU>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <199908060417.OAA24850@cheops.anu.edu.au>
-----BEGIN PGP SIGNED MESSAGE-----
On 06-Aug-99 Darren Reed wrote:
>
> If you're designing a software package, want to use temporary files and
> directories but you need the names to be the same every time, where do
> you put them ? Are you required to use open(O_CREAT|O_EXCL) for files
> in /tmp ? Apart from the ability to exchange files between users with
> /tmp, having private /tmp's for each uid using the system (with a non-
> world writeable /tmp) has a lot of merit which I hope someone will someday
> properly explore - i.e. there exist programming languages in which the
> buffer overflow is a non-event, now we need an operating system design
> where the /tmp file race-condition is a non-event.
>
We already have something like that...
The CMW machines (Compartmentalised Mode Workstation) has the concept of "multi
level directories" These include such things as /tmp. When you are operating
at level "Top Secret" you have what appears to be a different /tmp from when
you are operating at level "unclassified". As far as I can tell, it does
actually keep the files in different directories. I haven't really poked
around at the raw disk level on one of these beasts though (which requires
special privileges) so I can't guarantee it. You can definitely have two
different files in different level /tmp directories with the same name.
Adam.
- ----------------------------------
If this message isn't signed, it probably isn't me.
Adam Morris - Systems Engineer - Onyx Internet
There's no real need to do housework -- after four years it doesn't get
any worse.
- ----------------------------------
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: noconv
iQCVAwUBN66hVDxztoTO1QFNAQH0hgP/b8fwKC3DcQ4NQau0SYMt5jY+UtzIyAYf
GnUrI2MCe+A0JwCFQcmIaTcq4SDCB0Ni6yBwFKBdVGgLRsCK4yWtqUisHOGGw9d4
GQQ4r2UilLDf6ByE25Or4VJ9Re6miMQmm3j/koCQMwErbOtDlNh/J42CgtnZ0Rc5
LQKlCJ1CjxQ=
=qver
-----END PGP SIGNATURE-----
