Date: Sat, 10 Mar 2001 23:45:19 -0500 From: Pete Fritchman <petef@databits.net> To: Dan Langille <dan@langille.org> Cc: security@freebsd.org Subject: Re: temp files for security/logcheck Message-ID: <20010310234519.A68252@databits.net> In-Reply-To: <200103110435.f2B4ZHw04676@ns1.unixathome.org>; from dan@langille.org on Sun, Mar 11, 2001 at 05:35:16PM %2B1300 References: <200103110435.f2B4ZHw04676@ns1.unixathome.org>
next in thread | previous in thread | raw e-mail | index | archive | help
It seems logical that the port should just use ${TMPDIR}/.logcheck/ or
something of that nature. Does it need to be there permenately? Or can
it just be created/deleted when the program is started/stopped? I saw
the thread on -ports earlier but didn't get a chance to respond.
-pete
++ 11/03/01 17:35 +1300 - Dan Langille:
>The port security/logcheck creates /usr/local/etc/tmp[1] and chmod's it
>to 700. It does that because the temp files it creates and uses need to
>be relativly secure. It writes out several files that could cause problems
>if a user made links, etc.
>
>Does anyone see any issues which we need to deal with? e.g. the
>security of this directory, the name of this directory...
>
>[1] - Prior to a recent port change, it used /usr/local/etc/tmp
>
>--
>Dan Langille
>pgpkey - finger dan@unixathome.org | http://unixathome.org/finger.php
>got any work? I'm looking for some.
>
>To Unsubscribe: send mail to majordomo@FreeBSD.org
>with "unsubscribe freebsd-security" in the body of the message
--
Pete Fritchman <petef@databits.net>
Databits Network Services, Inc. <http://databits.net>;
finger petef@databits.net for PGP key
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010310234519.A68252>