Date: Sun, 11 Mar 2001 15:14:44 -0800
From: Kris Kennaway
To: Greg White
Cc: FreeBSD Security
Subject: Re: temp files for security/logcheck

On Sat, Mar 10, 2001 at 11:08:43PM -0800, Greg White wrote:
> On Sat, Mar 10, 2001 at 10:53:46PM -0800, Kris Kennaway wrote:
> > On Sun, Mar 11, 2001 at 05:47:58PM +1300, Dan Langille wrote:
> > > AFAIK, the files disappear each time the script is run:
> > >
> > > umask 077
> > > rm -f $TMPDIR/check.$$ $TMPDIR/checkoutput.$$
> >
> > [...]
> >
> > Blah, that's an insecure way to create files in $TMPDIR (which is
> > usually /tmp). It needs to use mktemp(1).
> >
> > Kris
>
> It is in general, but not in this case. The script and the directory are
> mode 0700 -- this makes it difficult for it to be insecure. $TMPDIR is
> explicitly set.

Okay..I was missing context: $TMPDIR is usually inherited from the
user's environment and points to /tmp or whatever their preferred
temporary file directory is. I don't like the use of /usr/local for
temporary file storage -- that may be on a readonly filesystem. The
script needs to use mktemp -d -t to create itself a secure directory
to play in.

Kris
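
The approach recommended in the message above, as an added example that is not part of the original post or of logcheck: the script creates its own private directory with mktemp(1) and keeps its check and checkoutput files inside it. The function names, the logcheck prefix and the sample log lines are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not logcheck's code: scratch files live in a private
# directory from mktemp(1) instead of predictable $TMPDIR/check.$$ names.

# Create a new directory with an unpredictable name and print its path.
# mktemp -d creates it mode 0700 and fails rather than reuse an existing name.
make_workdir() {
    # Explicit template form, accepted by BSD and GNU mktemp alike; on
    # FreeBSD "mktemp -d -t logcheck" is the shorthand for the same thing.
    mktemp -d "${TMPDIR:-/tmp}/logcheck.XXXXXXXXXX"
}

# Succeed only if $1 is a real directory (not a symlink) with no
# group or other permission bits set.
is_private_dir() {
    [ -d "$1" ] && [ ! -L "$1" ] || return 1
    case "$(ls -ld "$1")" in
        drwx------*) return 0 ;;
        *) return 1 ;;
    esac
}

# Read log lines on stdin and print how many match pattern $1. The body is
# a subshell so the EXIT trap removes the directory however it ends.
scan_log() (
    workdir=$(make_workdir) || exit 1
    trap 'rm -rf "$workdir"' EXIT
    trap 'exit 1' HUP INT TERM
    is_private_dir "$workdir" || exit 1
    check="$workdir/check"          # fixed names are safe in here: no
    output="$workdir/checkoutput"   # other user can create entries
    cat > "$check"
    grep -- "$1" "$check" > "$output" || true
    wc -l < "$output" | tr -d ' '
)

# Constructed sample input (not real log data).
sample_log() {
    cat <<'EOF'
Mar 11 15:02:11 host login: FAILED LOGIN (1) on 'ttyv0' FOR 'root'
Mar 11 15:02:40 host sshd[412]: Accepted password for dan from 192.0.2.10
Mar 11 15:03:05 host login: FAILED LOGIN (2) on 'ttyv0' FOR 'root'
EOF
}
```

Because the directory is created fresh on every run, the script no longer needs the `rm -f` of leftover files from a previous run, and it works when /usr/local is read-only.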