Bugtraq mailing list archives

Re: GCC 2.7.? /tmp files

From: perry () piermont com (Perry E. Metzger)
Date: Sun, 18 Jan 1998 21:18:44 -0500


Theo de Raadt writes:

In OpenBSD we have fixed hundreds of these /tmp races.  I do not
believe there is a simple answer.


I believe there is.

General publically writable /tmp directories are bad. Systems should
move towards using /tmp/${USER}/ directories on a per-user basis, with
these directories being only touchable by the user. These would cut,
in a gordion knot fashion, literally hundreds of exploits that have
shown up in dozens of places.

I believe, btw, that a similar general fix might help out the
spate of /var/mail security problems.

Perry

Current thread:

Re: GCC 2.7.? /tmp files Michael Douglass (Jan 15)
- MC shell scripts Micha? Zalewski (Jan 17)
- Re: GCC 2.7.? /tmp files Theo de Raadt (Jan 18)
  - Re: GCC 2.7.? /tmp files Perry E. Metzger (Jan 18)
- Solaris ftpd D.O.S. Stanley Stasiak (Jan 19)
  - Buffer overflow in Yapp Conferencing System... satan (Jan 20)
  - Re: Solaris ftpd D.O.S. Aggelos P. Varvitsiotis (Jan 20)
    - Re: Solaris ftpd D.O.S. Casper Dik (Jan 20)
    - SNI-23: SSH - Vulnerability in ssh-agent Secure Networks Inc. (Jan 20)
    - How to recover private keys for various Microsoft products Aleph One (Jan 20)
    - HP-UX CUE, CUD and LAND vulnerabilities Aleph One (Jan 21)
    - Re: Xserver stack smashed -- wrapper John Goerzen (Jan 21)
    - Re: Xserver stack smashed -- wrapper Pavel Kankovsky (Jan 21)