[18195] in bugtraq
Re: /tmp topic
daemon@ATHENA.MIT.EDU (Tollef Fog Heen)
Tue Dec 19 18:44:18 2000
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Message-Id: <87d7eokjn8.fsf@manon.pvv.ntnu.no>
Date: Tue, 19 Dec 2000 07:30:35 +0100
Reply-To: Tollef Fog Heen <tollef@ADD.NO>
From: Tollef Fog Heen <tollef@ADD.NO>
X-To: Max Gribov <mgribov@LINKSHARE.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: Max Gribov's message of "Fri, 15 Dec 2000 16:56:43 -0500"
* Max Gribov
| Mount /tmp with noexec option in /etc/fstab is a pretty secure
| thingto do...
At least under Linux, noexec is not very useful: (I know this has
been disclosed on bugtraq before, but, obviously, not everybody knows
about it)
$cat hello.c
#include <stdio.h>
int main() {
printf("hello world\n");
return 0;
}
$gcc -o hello hello.c
$./hello
bash: ./hello: Permission denied
$/lib/ld-linux.so.2 ./hello
hello world
Basically - it all boils down to:
don't use /tmp, use $TMPDIR or $TMP, failing that use $HOME/tmp. If
that fails, use /tmp with mkstemp/mkdtemp (like Kris Kennaway wrote)
or open(2) with O_EXCL. If everything fails, bail out or give the
user warning and option to retry. (Whatever's appropriate for the
program)
--
Tollef Fog Heen
Unix _IS_ user friendly... It's just selective about who its friends are.
