Date: Sat, 10 Mar 2001 23:47:16 -0500 From: Will Andrews <will@physics.purdue.edu> To: Dan Langille <dan@langille.org> Cc: security@FreeBSD.ORG Subject: Re: temp files for security/logcheck Message-ID: <20010310234716.S45561@ohm.physics.purdue.edu> In-Reply-To: <200103110435.f2B4ZHw04676@ns1.unixathome.org>; from dan@langille.org on Sun, Mar 11, 2001 at 05:35:16PM %2B1300 References: <200103110435.f2B4ZHw04676@ns1.unixathome.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--+cdUESGy8E0PQTBL Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sun, Mar 11, 2001 at 05:35:16PM +1300, Dan Langille wrote: > The port security/logcheck creates /usr/local/etc/tmp[1] and chmod's it= =20 > to 700. It does that because the temp files it creates and uses need to= =20 > be relativly secure. It writes out several files that could cause proble= ms=20 > if a user made links, etc. >=20 > Does anyone see any issues which we need to deal with? e.g. the=20 > security of this directory, the name of this directory... If logcheck needs secure tempfiles, it can chmod them. Or if it needs a dir to itself, it can have a /usr/local/var/tmp/logcheck/ directory. --=20 wca --+cdUESGy8E0PQTBL Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.3 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE6qwNUF47idPgWcsURAj7KAJsErCuY4CvKu1Xp2V/0W9YmzHfT8ACfY8c6 ZTasLdWuj5dF4KdMBetFsDE= =1GeG -----END PGP SIGNATURE----- --+cdUESGy8E0PQTBL-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010310234716.S45561>