Bugtraq mailing list archives
insecure tmp file creation (slack)
From: bmacdonald () SYD AURACOM COM (neonhaze)
Date: Mon, 6 Apr 1998 07:29:44 -0400
Linux Slackware I don't know which of these are already known so please bare with me. When the following programs are run they create /tmp files that do not check for links and will happily overwrite any file when the program is running as root. So link one of them to your favorite root owned file you would like to destroy (or edit in pkgtool's case) and wait for root to run the affected program. -Affected Program- -File created in /tmp- -Created File Perms- liloconfig-color reply -rw-r--r-- pkgtool reply -rw-rw-rw- makebootdisk return -rw-r--r-- netconfig tmpmsg -rw-r--r-- found by neonhaze <neonhaze () mailcity com> <bmacdonald () syd auracom com>
Current thread:
- insecure tmp file creation (slack) neonhaze (Apr 06)