Bugtraq mailing list archives

Re: Xinetd /tmp race?


From: kvajk () ricochet net (Kevin Vajk)
Date: Sat, 14 Nov 1998 14:30:21 -0800


On Sat, 14 Nov 1998, stanislav shalunov wrote:
> Marc Heuse <marc () SUSE DE> writes:
>
> > It's hard to secure a create-or-append open call, anyone with an
> > idea for a standard solution?
>
> You have missed a word in this sentence: ``It's _not_ hard...''

No, I think your sentence has one word too many. :)

>                 open the file O_WRONLY|O_APPEND
>                 fstat the fd

This solution prevents users from writing to files they shouldn't
but doesn't prevent them from opening files they shouldn't.

Get it out of /tmp or use O_EXCL.

- Kevin Vajk
  <kvajk () ricochet net>
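
Added example, not part of the original post or of xinetd's code: one way to combine the two suggestions in the thread, creating with O_EXCL and otherwise appending and then checking the descriptor with fstat. The function names, the O_NOFOLLOW and O_NONBLOCK flags, the ownership and link-count checks, and the /tmp demo paths are assumptions of this sketch.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Create-or-append for a file in a shared directory. Returns an fd or -1. */
int open_append_safe(const char *path)
{
    struct stat st;
    /* Create: O_EXCL fails if the name exists at all, symlinks included. */
    int fd = open(path, O_WRONLY | O_APPEND | O_CREAT | O_EXCL, 0600);
    if (fd >= 0 || errno != EEXIST)
        return fd;
    /* Append: O_NOFOLLOW (assumption, not named in the thread) refuses a
     * symlink as the last component; O_NONBLOCK avoids hanging on a FIFO. */
    fd = open(path, O_WRONLY | O_APPEND | O_NOFOLLOW | O_NONBLOCK);
    if (fd < 0) return -1;
    /* fstat the fd, not the name: our own regular file, no extra hard links. */
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) ||
        st.st_uid != geteuid() || st.st_nlink != 1) {
        close(fd);
        return -1;
    }
    return fd;
}

/* Constructed self-check in a private mkdtemp() directory; 0 means pass. */
int demo(void)
{
    char dir[] = "/tmp/appendXXXXXX", file[64], lnk[64], fifo[64];
    if (!mkdtemp(dir)) return -1;
    snprintf(file, sizeof file, "%s/log", dir);
    snprintf(lnk, sizeof lnk, "%s/link", dir);
    snprintf(fifo, sizeof fifo, "%s/fifo", dir);
    int a = open_append_safe(file);   /* created through O_EXCL */
    int b = open_append_safe(file);   /* existing file passes the checks */
    int s = symlink(file, lnk) == 0 ? open_append_safe(lnk) : 0;  /* refused */
    int f = mkfifo(fifo, 0600) == 0 ? open_append_safe(fifo) : 0; /* refused */
    int ok = a >= 0 && b >= 0 && s == -1 && f == -1;
    if (a >= 0) close(a);
    if (b >= 0) close(b);
    unlink(lnk); unlink(fifo); unlink(file); rmdir(dir);
    return ok ? 0 : 1;
}

int main(void) { return demo(); }
```

Anything other than a symlink that is planted at the name is still opened before fstat() rejects it, which is the residual exposure the reply points out; keeping the file out of /tmp removes it.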


