[19338] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: HeliSec: StarOffice symlink exploit

daemon@ATHENA.MIT.EDU (Kurt Seifried)
Thu Feb 22 20:17:16 2001

Mime-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Message-Id:  <01ad01c09d17$36888860$3200030a@seifried.org>
Date:         Thu, 22 Feb 2001 14:34:17 -0700
Reply-To: Kurt Seifried <bugtraq@SEIFRIED.ORG>
From: Kurt Seifried <bugtraq@SEIFRIED.ORG>
X-To:         Christian <christian@IT.MURDOCH.EDU.AU>
To: BUGTRAQ@SECURITYFOCUS.COM

> > StarOffice creates a temporary directory in /tmp called soffice.tmp,
> > with permissions 0777. Into this directory other temporary files are
creates,
> > with the format: svZZZZ.tmp, where ZZZZ in a four or five digits number.

Staroffice honors $TMP, so create /home/foo/tmp and set your TMP variable. This
is not a solution per se I know, but it does help (and more and more apps are
honoring the $TMP/$TMPDIR variable).

Kurt Seifried, seifried@securityportal.com
Securityportal - your focal point for security on the 'net


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[19338] in bugtraq

Re: HeliSec: StarOffice symlink exploit

daemon@ATHENA.MIT.EDU (Kurt Seifried)Thu Feb 22 20:17:16 2001

daemon@ATHENA.MIT.EDU (Kurt Seifried)
Thu Feb 22 20:17:16 2001