From owner-freebsd-security Sun Apr 26 15:25:59 1998
Message-ID: <19980426234408.04873@panke.de>
Date: Sun, 26 Apr 1998 23:44:08 +0200
From: Wolfram Schneider
To: rotel@indigo.ie
Cc: David Kelly, freebsd-security@FreeBSD.ORG, wosch@FreeBSD.ORG, ncb05@uow.edu.au
Subject: Re: Symlinks again...
References: <199804251210.NAA01265@indigo.ie>
In-Reply-To: <199804251210.NAA01265@indigo.ie>; from Niall Smart on Sat, Apr 25, 1998 at 01:10:25PM +0000

On 1998-04-25 13:10:25 +0000, Niall Smart wrote:
> On Apr 24, 10:13pm, David Kelly wrote:
> } Subject: Re: Symlinks again...
> > > [ discussion of problem with temporary files in locate.* ]

This is a known problem. As an intruder I would not waste my time
with locate. There are a lot of easier ways to break into the system.

A real fix is:

1) set TMPDIR to a filesystem which has symlinks disabled
   (mount -o nosymfollow)
or
2) set TMPDIR to a directory which is only writeable for the user nobody.

> > > The code is still wrong though, an account is compromisable. I
> > > would submit a PR. mktemp(1) should be ported to -stable to make
> > > fixing/avoiding this type of thing easier. Any takers?
> >
> > It appears mktemp made it into RELENG_2_2 recently (I don't know how to
> > ask CVS yet). So maybe all that's left to do is fold it into the right
> > places?

Your changes ignored the fact that many other programs/scripts
(e.g. sort(1)) may create temp files in /tmp.

--
Wolfram Schneider http://www.freebsd.org/~wosch/

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe security" in the body of the message

From owner-freebsd-security Mon Apr 27 11:10:26 1998
Date: Mon, 27 Apr 1998 14:10:10 -0400 (EDT)
From: "Matthew N. Dodd"
To: freebsd-security@FreeBSD.ORG
Subject: Kerberos5?

Any chance that the kerberos4 stuff will be replaced with kerberos5?

/*
   Matthew N. Dodd              | A memory retaining a love you had for life
   winter@jurai.net             | As cruel as it seems nothing ever seems to
   http://www.jurai.net/~winter | go right - FLA M 3.1:53
*/

From owner-freebsd-security Mon Apr 27 13:58:48 1998
Message-Id: <199804272058.NAA05185@burka.rdy.com>
Subject: Re: Kerberos5?
To: winter@jurai.net (Matthew N. Dodd)
Date: Mon, 27 Apr 1998 13:58:34 -0700 (PDT)
Cc: freebsd-security@FreeBSD.ORG
Organization: HackerDome
Reply-To: dima@best.net
From: dima@best.net (Dima Ruban)

Matthew N. Dodd writes:
>
> Any chance that the kerberos4 stuff will be replaced with kerberos5?

Not in the near future. There is still too much stuff that needs to be done.

-- dima
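
A sketch of the temporary-file handling discussed in the "Symlinks again..." message above, added here as an example and not taken from the thread or from the locate scripts: scratch files go into a private directory created with mktemp(1), and TMPDIR is exported so that sort(1) keeps its own temporary files there too. The function names and the `scratch.` prefix are assumptions made for the example.

```shell
#!/bin/sh
# Added example (not from the thread): keep scratch files out of shared /tmp.

# make_scratch: create a mode-0700 directory with an unpredictable name and
# print its path. mktemp -d fails instead of reusing an existing name, so a
# symlink planted in advance by another user is never followed.
make_scratch() {
    mktemp -d "${TMPDIR:-/tmp}/scratch.XXXXXXXXXX"
}

# is_private_dir: succeed only if $1 is a real directory (not a symlink)
# whose mode grants nothing to group or other.
is_private_dir() {
    [ -d "$1" ] && [ ! -L "$1" ] || return 1
    [ "$(ls -ld "$1" | cut -c1-10)" = "drwx------" ]
}

# sort_to: sort stdin (unique lines) into file $1, using only a private
# scratch directory. TMPDIR is exported so that sort(1) places its own
# spill files there too, not in the shared /tmp.
sort_to() {
    out=$1
    scratch=$(make_scratch) || return 1
    if is_private_dir "$scratch" &&
       ( TMPDIR=$scratch; export TMPDIR
         sort -u > "$scratch/list" && mv "$scratch/list" "$out" )
    then rc=0; else rc=1; fi
    rm -rf "$scratch"
    return $rc
}

# Demo on constructed input: three path names, one duplicated.
demo_dir=$(make_scratch) || exit 1
printf '%s\n' /usr/bin/sort /bin/ls /usr/bin/sort | sort_to "$demo_dir/paths"
cat "$demo_dir/paths"
rm -rf "$demo_dir"
```

The output path passed to `sort_to` should itself live in a directory other users cannot write to; the function protects only the intermediate files.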