Bugtraq mailing list archives

Re: Tempfile vulnerabilities


From: foo () BLACKLISTED INTRANOVA NET (foo)
Date: Mon, 31 Jan 2000 21:53:29 +0000


DOH! DOH! DOH!

I meant to add a note about randomizing the tempfile names
but forgot to add it in the bugtraq email.
I apologize for being lame.

However, I still think that avoiding world writable temporary
directories in the first place is your best bet. Trying to
randomize your tempfile names alone is almost (now, before
hundreds of people start attacking my philosophy, I said, *almost*)
practising security through obscurity! I'm not saying that this
extra step should not be taken, but relying upon PRNGs alone
doesn't solve the problem, just makes it a bit harder.
After all, PRNGs utilize deterministic algorithms which simulate
randomness. As some people like to put it: due to the finite
state space of the program implementing the PRNG, its output
will eventually return to its original value. We could argue
from now till kingdom come on what is an acceptable period.

- John
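
The post argues that an unpredictable name is only a second line of defence and that the real fix is to stay out of world-writable directories altogether. The following Python example is added here to illustrate that combination; it is not code from the post or from anyone in the thread. The function names (`tempdir_is_private`, `make_private_tempdir`, `create_private_tempfile`, `demo`) and the `app-` prefix are this example's own choices. It creates a fresh mode-0700 directory that only the caller can write to, refuses to use any directory that fails an ownership and write-bit check (done with `lstat`, so a planted symlink is not followed), and then opens files inside it with `O_CREAT|O_EXCL|O_NOFOLLOW` so a pre-existing file or symlink at the chosen name makes the open fail instead of being silently reused. The random name is still there, but it is no longer what the security of the operation rests on.

```python
import os
import shutil
import stat
import secrets
import tempfile
from typing import Optional, Tuple


def tempdir_is_private(path: str) -> bool:
    """True if `path` is a directory owned by the caller with no group/other write bits.

    lstat is used deliberately: if someone has planted a symlink at `path`, we want to
    inspect the link itself, not whatever it points at. A sticky bit (as on /tmp) does
    not make a directory private, so a 1777 directory is rejected here.
    """
    try:
        st = os.lstat(path)
    except FileNotFoundError:
        return False
    if not stat.S_ISDIR(st.st_mode):
        return False
    if st.st_uid != os.getuid():
        return False
    if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
        return False
    return True


def make_private_tempdir(parent: Optional[str] = None) -> str:
    """Create a new mode-0700 directory under `parent` (default: the system temp root).

    mkdir fails with FileExistsError when the name is already taken, so there is no
    window in which a pre-created directory of the same name could be handed to us.
    """
    parent = parent or tempfile.gettempdir()
    while True:
        candidate = os.path.join(parent, "app-" + secrets.token_hex(16))  # hypothetical prefix
        try:
            os.mkdir(candidate, 0o700)
            return candidate
        except FileExistsError:
            continue  # 128 random bits makes this practically unreachable; just retry


def create_private_tempfile(directory: str) -> Tuple[int, str]:
    """Open a brand-new 0600 file inside a directory that passed tempdir_is_private.

    O_EXCL makes the kernel refuse if anything already exists at the name; O_NOFOLLOW
    (where the platform has it) additionally refuses to traverse a symlink at that path.
    """
    if not tempdir_is_private(directory):
        raise PermissionError(f"{directory} is not a private directory owned by uid {os.getuid()}")
    flags = os.O_RDWR | os.O_CREAT | os.O_EXCL | getattr(os, "O_NOFOLLOW", 0)
    name = os.path.join(directory, secrets.token_hex(16) + ".tmp")
    fd = os.open(name, flags, 0o600)
    return fd, name


def demo() -> dict:
    """Exercise the helpers on a throwaway tree we construct ourselves, then clean up."""
    base = make_private_tempdir()
    results = {}
    results["base_private"] = tempdir_is_private(base)
    results["base_mode"] = stat.S_IMODE(os.lstat(base).st_mode)

    fd, path = create_private_tempfile(base)
    results["file_mode"] = stat.S_IMODE(os.fstat(fd).st_mode)
    os.close(fd)

    # O_EXCL: a second create at the same name must fail rather than reuse the file.
    try:
        os.open(path, os.O_RDWR | os.O_CREAT | os.O_EXCL, 0o600)
        results["excl_refused"] = False
    except FileExistsError:
        results["excl_refused"] = True

    # A /tmp-style directory (sticky, world-writable) is rejected even though we own it.
    shared = os.path.join(base, "shared")
    os.mkdir(shared)
    os.chmod(shared, 0o1777)
    results["shared_rejected"] = not tempdir_is_private(shared)
    try:
        create_private_tempfile(shared)
        results["create_in_shared_refused"] = False
    except PermissionError:
        results["create_in_shared_refused"] = True

    shutil.rmtree(base)
    return results


if __name__ == "__main__":
    print(demo())
```

The ownership and write-bit check is the part that encodes the post's point: even with a perfectly random name, a file created in a directory other users can write to inherits every race and symlink problem of that directory, whereas a 0700 directory removes the shared namespace entirely and leaves the random name as a bonus rather than the safeguard.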
