Re: Security Anti Symlink Attack Patch for 2.1.71

H. Peter Anvin (
10 Dec 1997 08:28:26 GMT

Followup to: <Pine.LNX.3.91.971209142244.15611B-100000@mhw.OIT.IUPUI.EDU>
By author: "Mark H. Wood" <mwood@mhw.OIT.IUPUI.EDU>
In newsgroup:
> Well, it seems to me that the safest way to do this is to abandon the
> shared /tmp altogether and make every user provide his own ~/tmp. Best
> would be to define an environment variable TMP to point to it, so you
> could still do a single /tmp or put all the users' TMPs on a separate
> scratch disk or.... It seems to work well on VMS. Set the protections
> properly when the account is created, and if the user fiddles with them
> then he gets what he deserves.
> I know, I know: it would take years to get general agreement and many
> more years to modify all of the programs that just assume /tmp . But you
> asked.

Well, some of those years have already passed -- many (but not all)
programs will use the directory pointed to by TMPDIR if you set that


    PGP: 2047/2A960705 BA 03 D3 2C 14 A8 A8 BD  1E DF FE 69 EE 35 BD 74
    See for web page and full PGP public key
        I am Bahá'í -- ask me about it or see
   "To love another person is to see the face of God." -- Les Misérables