Bugtraq: Re: Tempfile vulnerabilities

Re: Tempfile vulnerabilities

From: foo <foo_at_BLACKLISTED.INTRANOVA.NET>
Date: Mon, 31 Jan 2000 21:53:29 +0000

DOH! DOH! DOH!

I meant to add a note about randomizing the tempfile names
but forgot to add it in the Bugtraq email.
I apologize for being lame.

However, I still think that avoiding world writable temporary
directories in the first place is your best bet. Trying to
randomize your tempfile names alone is almost (now, before
hundreds of people start attacking my philosophy, I said, *almost*)
practising security through obscurity! I'm not saying that this
extra step should not be taken, but relying upon PRNGs alone
doesn't solve the problem, just makes it a bit harder.
After all, PRNGs utilize deterministic algorithms which simulate
randomness. As some people like to put it: due to the finite
state space of the program implementing the PRNG, its output
will eventually return to its original value. We could argue
from now till kingdom come on what is an acceptable period.

- John
Received on Feb 01 2000
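
The ordering argued for in the message above (private directory first, unpredictable name second), sketched as an added example that is not part of the original post. The function names, the `work-` prefix and the retry count are assumptions made for illustration.

```python
import os
import secrets
import stat
import tempfile


def dir_is_private(path):
    """True if path is a real directory, owned by us, with no group/other access."""
    st = os.lstat(path)  # lstat: a symlink planted at this path is not followed
    return (stat.S_ISDIR(st.st_mode)
            and st.st_uid == os.geteuid()
            and (st.st_mode & 0o077) == 0)


def create_private_tempfile(base_dir, prefix="work-"):
    """Create a temp file inside a private directory and return (fd, path).

    The directory check is the primary control: no other user can create
    or replace entries there. The random suffix is the secondary one.
    """
    if not dir_is_private(base_dir):
        raise PermissionError(f"{base_dir} is not a private directory")
    # O_EXCL makes creation fail if the name already exists (including as a
    # symlink), so a pre-created entry is never opened or truncated.
    flags = os.O_RDWR | os.O_CREAT | os.O_EXCL | os.O_NOFOLLOW
    for _ in range(100):  # assumed retry budget for name collisions
        # Name comes from the OS CSPRNG, not a seeded deterministic generator.
        path = os.path.join(base_dir, prefix + secrets.token_hex(8))
        try:
            return os.open(path, flags, 0o600), path
        except FileExistsError:
            continue
    raise FileExistsError("could not create a unique temp file")


if __name__ == "__main__":
    private = tempfile.mkdtemp()  # created with mode 0700, owned by the caller
    fd, name = create_private_tempfile(private)
    os.close(fd)
    print("created", name)
    try:
        create_private_tempfile("/tmp")  # world-writable: refused
    except PermissionError as exc:
        print("refused:", exc)
```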
