Another reason why - really /tmp
David Sherman
dave at lsuc.UUCP
Fri Sep 27 07:22:24 AEST 1985
In article <2279 at sunybcs.UUCP> loverso at sunybcs.UUCP (John Robert LoVerso) writes:
>From: peter at rlgvax.UUCP (Peter Klosky) 16 Sep 85 <764 at rlgvax.UUCP>
>> > For security make your /tmp file 0600 mode.
>>
>> /tmp is world writeable. This means that anyone can unlink tmp files.
>> In particular, my application wants to pass state data from a child
>> process to a parent prodcess via a tmp file that the child creates,
>> and there are windows of vulnerability in this scheme, due to the unlink
>> trouble.
>
>Easy. have your application make a subdirectory in /tmp, and then place
>a file within that subdir. As long as your subdirectory is not world
>writeable, you can place tmp files there w/o having a window of vulnerability.
Well, you can't LOSE your data, but you can still have it misplaced
for you. All the "bad guy" has to do is mv /tmp/yourdir /tmp/nowhere,
and your parent process will never find it.
Dave Sherman
The Law Society of Upper Canada
Toronto
--
{ ihnp4!utzoo pesnta utcs hcr decvax!utcsri } !lsuc!dave
More information about the Comp.unix.wizards
mailing list