Re: Security Anti Symlink Attack Patch for 2.1.71

H. Peter Anvin (hpa@transmeta.com)
10 Dec 1997 08:28:26 GMT

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Andrea Arcangeli: "Re: Nasty 2.1.70 fs problem"
Previous message: Theodore Y. Ts'o: "Re: [PATCH][2.1.71] BSD revoke() syscall"

Followup to: <Pine.LNX.3.91.971209142244.15611B-100000@mhw.OIT.IUPUI.EDU>
By author: "Mark H. Wood" <mwood@mhw.OIT.IUPUI.EDU>
In newsgroup: linux.dev.kernel
>
> Well, it seems to me that the safest way to do this is to abandon the
> shared /tmp altogether and make every user provide his own ~/tmp. Best
> would be to define an environment variable TMP to point to it, so you
> could still do a single /tmp or put all the users' TMPs on a separate
> scratch disk or.... It seems to work well on VMS. Set the protections
> properly when the account is created, and if the user fiddles with them
> then he gets what he deserves.
>
> I know, I know: it would take years to get general agreement and many
> more years to modify all of the programs that just assume /tmp . But you
> asked.
>

Well, some of those years have already passed -- many (but not all)
programs will use the directory pointed to by TMPDIR if you set that
variable.

-hpa

-- 
    PGP: 2047/2A960705 BA 03 D3 2C 14 A8 A8 BD  1E DF FE 69 EE 35 BD 74
    See http://www.zytor.com/~hpa/ for web page and full PGP public key
        I am Bahá'í -- ask me about it or see http://www.bahai.org/
   "To love another person is to see the face of God." -- Les Misérables

Next message: Andrea Arcangeli: "Re: Nasty 2.1.70 fs problem"
Previous message: Theodore Y. Ts'o: "Re: [PATCH][2.1.71] BSD revoke() syscall"