Date: Sun, 26 Apr 1998 23:44:08 +0200 From: Wolfram Schneider <wosch@cs.tu-berlin.de> To: rotel@indigo.ie Cc: David Kelly <dkelly@hiwaay.net>, freebsd-security@FreeBSD.ORG, wosch@FreeBSD.ORG, ncb05@uow.edu.au Subject: Re: Symlinks again... Message-ID: <19980426234408.04873@panke.de> In-Reply-To: <199804251210.NAA01265@indigo.ie>; from Niall Smart on Sat, Apr 25, 1998 at 01:10:25PM %2B0000 References: <dkelly@hiwaay.net> <199804251210.NAA01265@indigo.ie>
next in thread | previous in thread | raw e-mail | index | archive | help
On 1998-04-25 13:10:25 +0000, Niall Smart wrote: > On Apr 24, 10:13pm, David Kelly wrote: > } Subject: Re: Symlinks again... > > > [ discussion of problem with temporary files in locate.* ] This is a known problem. As an intruder I would not waste my time with locate. There are a lot easier ways to break into the system. A real fix is: 1) set TMPDIR to a filesystem which disabled symlinks (mount -o nosymfollow) or 2) set TMPDIR to a directory which is only writeable for the user nobody. > > > The code is still wrong though, an account is compromisable. I > > > would submit a PR. mktemp(1) should be ported to -stable to make > > > fixing/avoiding this type of thing easier. Any takers? > > > > It appears mktemp made it into RELENG_2_2 recently (I don't know how to > > ask CVS yet). So maybe all that's left to do is fold it into the right > > places? Your changes ignored the fact that many other programs/scripts (e.g. sort(1)) may create temp files in /tmp. -- Wolfram Schneider <wosch@freebsd.org> http://www.freebsd.org/~wosch/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19980426234408.04873>