Home page logo

bugtraq logo Bugtraq mailing list archives

Re: StarOffice 5.2 Temporary Dir Vulnerability
From: "Igor Falcomata'" <igor () INFOSEC IT>
Date: Wed, 8 Nov 2000 11:35:45 +0100

On Wed, Nov 08, 2000 at 03:33:53PM +0800, Christian wrote:


A while back I noticed that StarOffice 5.2 (running under Linux and
Solaris) creates a temporary directory under /tmp with the name
"soffice.tmp" with permissions 0777.  I figured there had to be some

a real quick workaround is to make (as root) a "fixed" /tmp/soffice.tmp 777
+t dir.

drwxrwxrwt    2 root     root         1024 Nov  9 11:39 soffice.tmp

Note that files created by SO in this dir are still readable (but not
writable) by other users, so change the $TMP var is probabily better.



Igor Falcomata'
IT Security Manager & Consultant
Infosec srl - www.infosec.it
Network Security and Data Defense
free advertising: www.openbsd.org - Multiplatform Ultra-secure OS

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]