[2167] in bugtraq
Re: -rw-rw-rw- 1 root 8025 Aug 24 04:10
daemon@ATHENA.MIT.EDU (Dave Roberts)
Tue Aug 29 19:54:21 1995
Date: Tue, 29 Aug 1995 14:08:28 +0100
Reply-To: Bugtraq List <BUGTRAQ@CRIMELAB.COM>
From: Dave Roberts <djr@haddock.saa-cons.co.uk>
X-To: Bugtraq List <BUGTRAQ@CRIMELAB.COM>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@CRIMELAB.COM>
In-Reply-To: <199508251309.HAA05587@crimelab.com>
On Fri, 25 Aug 1995, Darren Reed wrote:
> People designing setuid-root programs or programs in general which perform
> priviledged operations and need temporary files should consider using a
> non-public access directory as the temp. file location.
What about using the tempnam() call? Maybe it's not available on all
platforms although it is on AIX, SCO and HP-UX, so I'd have thought it
would be.
Do you feel that the randomness of the filenames this returns is not
random enough? Or is it that the very nature of a file that the world can
get at is the security threat, no matter what permissions are in
existence. I'd have thought that having /tmp mode 1777, using tempnam()
to get the file name, and creating this file in mode 0600 would be
sufficient.
Dave Roberts | "Just paddling out into big surf is a total
Unix Systems Administrator | commitment" * "You can't just call time-out and
SAA Consultants Ltd | stroll on back to the beach if you don't like
Plymouth, UK <EDI Services> | the way things are going" - Point Break
