Bugtraq mailing list archives
Re: /tmp topic
From: Tollef Fog Heen <tollef () ADD NO>
Date: Tue, 19 Dec 2000 07:30:35 +0100
* Max Gribov

| Mount /tmp with noexec option in /etc/fstab is a pretty secure
| thing to do...

At least under Linux, noexec is not very useful:

(I know this has been disclosed on bugtraq before, but, obviously, not
everybody knows about it)

$cat hello.c
#include <stdio.h>

int main() {
        printf("hello world\n");
        return 0;
}
$gcc -o hello hello.c
$./hello
bash: ./hello: Permission denied
$/lib/ld-linux.so.2 ./hello
hello world

Basically - it all boils down to: don't use /tmp, use $TMPDIR or $TMP,
failing that use $HOME/tmp. If that fails, use /tmp with
mkstemp/mkdtemp (like Kris Kennaway wrote) or open(2) with O_EXCL. If
everything fails, bail out or give the user warning and option to
retry. (Whatever's appropriate for the program)

--
Tollef Fog Heen
Unix _IS_ user friendly... It's just selective about who its friends are.
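
The fallback order recommended in the message above ($TMPDIR, $TMP, $HOME/tmp, then /tmp through mkstemp), written out in C as an added example that is not part of the original post. The function name open_private_temp and its prefix parameter are made up for this illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* A candidate is usable only if it is an existing, writable directory. */
static int usable_dir(const char *d) {
    struct stat st;
    return d && *d && stat(d, &st) == 0 && S_ISDIR(st.st_mode)
           && access(d, W_OK | X_OK) == 0;
}

/* mkstemp() picks an unpredictable name and opens it O_CREAT|O_EXCL, 0600. */
static int try_dir(const char *dir, const char *prefix, char *path, size_t len) {
    int n;
    if (!usable_dir(dir)) return -1;
    n = snprintf(path, len, "%s/%s.XXXXXX", dir, prefix);
    if (n < 0 || (size_t)n >= len) return -1;
    return mkstemp(path);
}

/* open_private_temp and prefix are names made up for this example.
 * Returns an open fd with its name in path, or -1 so the caller can bail out. */
int open_private_temp(const char *prefix, char *path, size_t len) {
    char home_tmp[4096];
    const char *home = getenv("HOME");
    const char *candidates[4];
    int n = 0, fd, i;

    candidates[n++] = getenv("TMPDIR");
    candidates[n++] = getenv("TMP");
    if (home && snprintf(home_tmp, sizeof home_tmp, "%s/tmp", home) < (int)sizeof home_tmp)
        candidates[n++] = home_tmp;
    candidates[n++] = "/tmp";   /* last resort, and only through mkstemp() */

    for (i = 0; i < n; i++)
        if ((fd = try_dir(candidates[i], prefix, path, len)) >= 0)
            return fd;
    return -1;
}

int main(void) {
    char path[4096];
    int fd = open_private_temp("demo", path, sizeof path);
    if (fd < 0) { fputs("no usable temporary directory\n", stderr); return 1; }
    printf("created %s\n", path);
    close(fd);
    return unlink(path) != 0;
}
```

A return value of -1 is the "bail out or give the user warning and option to retry" case; the caller decides which.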