[8561] in bugtraq
Re: Xinetd /tmp race?
daemon@ATHENA.MIT.EDU (Kevin Vajk)
Sat Nov 14 21:18:48 1998
Date: Sat, 14 Nov 1998 14:30:21 -0800
Reply-To: Kevin Vajk <kvajk@ricochet.net>
From: Kevin Vajk <kvajk@RICOCHET.NET>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <cxhfw35jh6.fsf@mccme.ru>
On Sat, 14 Nov 1998, stanislav shalunov wrote:
> Marc Heuse <marc@SUSE.DE> writes:
>
> > It's hard to secure a create-or-append open call, anyone with an
> > idea for a standard solution?
>
> You have missed a word in this sentence: ``It's _not_ hard...''
No, I think your sentence has one word too many. :)
> open the file O_WRONLY|O_APPEND
> fstat the fd
This solution prevents users from writing to files they shouldn't
but doesn't prevent them from opening files they shouldn't.
Get it out of /tmp or use O_EXCL.
- Kevin Vajk
<kvajk@ricochet.net>
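
Added example, not part of the original message or thread: a C version of the create-or-append open that tries O_EXCL first and otherwise opens the existing name and checks it with fstat, as discussed above. O_NOFOLLOW (standardized in POSIX.1-2008, so later than this thread) is added to address the objection that fstat alone does not stop the open itself; the names safe_append_open and run_demo and the exact ownership/mode policy are assumptions of this example.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Create-or-append open that neither follows a planted symlink nor
 * appends to a file another user controls. Returns fd, or -1 (errno set). */
int safe_append_open(const char *path)
{
    struct stat st;
    /* O_EXCL: fail if any name, even a dangling symlink, is already there. */
    int fd = open(path, O_WRONLY | O_APPEND | O_CREAT | O_EXCL, 0600);
    if (fd >= 0 || errno != EEXIST)
        return fd;
    /* Name exists: no O_CREAT, refuse a final-component symlink, never block on a FIFO. */
    fd = open(path, O_WRONLY | O_APPEND | O_NOFOLLOW | O_NONBLOCK);
    if (fd < 0)
        return -1;
    /* fstat the descriptor, not the path, so the check cannot be raced. */
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) ||
        st.st_uid != geteuid() || st.st_nlink != 1 ||
        (st.st_mode & (S_IWGRP | S_IWOTH))) {
        close(fd);
        errno = EPERM;
        return -1;
    }
    return fd;
}

/* Constructed demo in a private scratch directory; returns 0 on the expected outcome. */
int run_demo(void)
{
    char dir[] = "/tmp/appenddemoXXXXXX", logp[64], victim[64];
    if (!mkdtemp(dir))
        return 1;
    snprintf(logp, sizeof logp, "%s/app.log", dir);
    snprintf(victim, sizeof victim, "%s/victim", dir);
    close(open(victim, O_WRONLY | O_CREAT, 0600));
    if (symlink(victim, logp) != 0)          /* the planted link */
        return 1;
    int refused = safe_append_open(logp);    /* must be -1 */
    unlink(logp);
    int fd = safe_append_open(logp);         /* created via O_EXCL */
    return (refused == -1 && fd >= 0) ? 0 : 1;
}

int main(void) { return run_demo(); }
```

If the file is removed between the two open calls the function returns -1 with ENOENT, and the caller can simply retry.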