Bugtraq mailing list archives
Re: Force Feeding
From: dim () XS4ALL NL (Dimitry Andric)
Date: Mon, 26 Jun 2000 22:24:22 +0200
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 2000-06-24 at 17:58 David LeBlanc wrote:
This is Win9x specific, and although you can generally count on NT 4.0 having a c:\temp, Win2k has per-user temp directories, which complicate this somewhat, and neither c:\temp or c:\windows\temp normally exist.
Sorry, but under Win2k you DO have a %SystemRoot%\Temp folder (so usually that's C:\WINNT\Temp), and the system environment variable TEMP and TMP are by default set to that directory. This is to prevent the %SystemRoot% directory from cluttering up with temp files from services and other system processes (as in NT4). Maybe it is best to set permissions for any Temp dir as "Creator Owner: Full Control" only, or as you suggest, even removing the Execute permission. I fear that might break some legitimate software though; most installation programs (i.e. InstallShield, Wise) use the Temp directory to run subcomponents of their install engines. Cheers, - -- Dimitry Andric <dim () xs4all nl> PGP key: http://www.xs4all.nl/~dim/dim.asc KeyID: 4096/1024-0x2E2096A3 Fingerprint: 7AB4 62D2 CE35 FC6D 4239 4FCD B05E A30A 2E20 96A3 -----BEGIN PGP SIGNATURE----- Version: Encrypted with PGP Plugin for Calypso Comment: http://www.gn.apc.org/duncan/stoa_cover.htm iQA/AwUBOVet57BeowouIJajEQKIeQCg1e5cAyiW+z6XH1ZddFoErTJqae4AoIsT TklzMVYWqovNaeYH4SW2Ur7l =PiCL -----END PGP SIGNATURE-----
Current thread:
- Force Feeding http-equiv () excite com (Jun 24)
- Re: Force Feeding David LeBlanc (Jun 24)
- Re: Force Feeding Dimitry Andric (Jun 26)
- Re: Force Feeding Philip Stoev (Jun 28)
- Re: Force Feeding David LeBlanc (Jun 28)
- Re: Force Feeding Weld Pond (Jun 25)
- Re: Force Feeding M. Burnett (Jun 26)
- Re: Force Feeding Phonix (Jun 27)
- [suse-security-announce] SuSE Security Announcement: wuftpd-2.6 (fwd) Daniel T. Chen (Jun 27)
- DoS in FirstClass Internet Services 5.770 Adam Prime (Jun 27)
- [slackware-security] wu-ftpd remote exploit patched Christopher Kager (Jun 28)
- [SECURITY] New verion of dhcp released debian-security-announce () LISTS DEBIAN ORG (Jun 28)
- Security Bulletins Digest patrick () PINE NL (Jun 28)
(Thread continues...)
- Re: Force Feeding David LeBlanc (Jun 24)