[20452] in bugtraq
Re: Linux patches to solve /tmp race problem
daemon@ATHENA.MIT.EDU (Tollef Fog Heen)
Thu Apr 26 02:54:18 2001
Mail-Copies-To: never
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Message-ID: <87k849aqvv.fsf@arabella.pvv.ntnu.no>
Date: Wed, 25 Apr 2001 18:25:08 +0200
Reply-To: Tollef Fog Heen <tollef@ADD.NO>
From: Tollef Fog Heen <tollef@ADD.NO>
X-To: Kurt Seifried <bugtraq@SEIFRIED.ORG>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <008601c0cd4d$87cb5700$3200030a@seifried.org>
* Kurt Seifried
| > PAM handles this quite nicely.
| >
| > I've hacked together a PAM module which sets TMPDIR (and TMP) to
| > /tmp/user/uid, which I could probably make available (mail me if you
| > are interested). Fixing programs to use TMP and TMPDIR is the correct
| > solution.
|
| No need for that when we have "pam_env". From the docs "This module allows the
| (un)setting of environment variables. Supported is the use of previously set
| environment variables as well as PAM_ITEMs such as PAM_RHOST."
|
| /etc/security/pam_env.conf
I couldn't get it to set TMP to something which was per-user (which is
probably easy, but it wouldn't cooperate with me), and it doesn't (and
shouldn't) create the tmpdir for you. This is implemented in a nicer
(imho) way in pam_tmpdir, which removes the need for a world-writable
/tmp/user/. An alternative which would be able to do the exact same
thing is to get pam_env to set TMP and TMPDIR and have a suid
create-tmpdir-program which creates /tmp/user/$UID.
--
Tollef Fog Heen
Unix _IS_ user friendly... It's just selective about who its friends are.
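As an added example (not code from the thread, and not pam_tmpdir's own code), here is the core of the "suid create-tmpdir-program" sketched above, written so that /tmp/user does not need to be world-writable: the parent must be root-owned (or owned by the caller) and not writable by others, and the per-user directory is created and verified relative to the already-opened parent, so a symlink or foreign-owned directory planted under that name is rejected rather than used. The base path /tmp/user, the function name and the 0700 mode are assumptions.

```c
/* Assumed layout: base is /tmp/user (root-owned, mode 0711 or stricter),
 * the per-user directory is base/<uid>, owned by uid and mode 0700. */
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Returns 0 when base/<uid> exists, is a real directory (not a symlink),
 * is owned by uid and is mode 0700; -1 otherwise. A pre-existing entry is
 * verified, never "repaired": anything planted by another user fails. */
int ensure_user_tmpdir(const char *base, uid_t uid)
{
    struct stat st;
    char name[32];
    int basefd, fd, ok, created = 0;
    snprintf(name, sizeof name, "%lu", (unsigned long)uid);

    /* The parent must not be writable by others (the world-writable
     * /tmp/user/ the thread objects to), else anyone could plant <uid>. */
    basefd = open(base, O_RDONLY | O_DIRECTORY);
    if (basefd < 0) return -1;
    if (fstat(basefd, &st) < 0 || (st.st_mode & 022) != 0 ||
        (st.st_uid != 0 && st.st_uid != geteuid())) {
        close(basefd);
        return -1;
    }

    /* Create and open relative to the opened parent so no path component
     * can be swapped between check and use; O_NOFOLLOW rejects a symlink. */
    if (mkdirat(basefd, name, 0700) == 0) created = 1;
    else if (errno != EEXIST) { close(basefd); return -1; }
    fd = openat(basefd, name, O_RDONLY | O_DIRECTORY | O_NOFOLLOW);
    close(basefd);
    if (fd < 0) return -1;
    if (fstat(fd, &st) < 0) { close(fd); return -1; }

    if (created) {
        /* As root (the suid helper case) hand the fresh directory to the
         * user; when running as that user the chown is simply skipped. */
        if (st.st_uid != uid && fchown(fd, uid, (gid_t)-1) < 0) { close(fd); return -1; }
        if (fchmod(fd, 0700) < 0 || fstat(fd, &st) < 0) { close(fd); return -1; }
    }
    /* Same acceptance test for the created and the pre-existing case. */
    ok = S_ISDIR(st.st_mode) && st.st_uid == uid && (st.st_mode & 077) == 0;
    close(fd);
    return ok ? 0 : -1;
}
```

A PAM module or suid helper would call this once at session start and then export TMPDIR and TMP pointing at base/<uid>; a non-zero return means the session should fall back to the system /tmp rather than use an unverified directory.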