From owner-freebsd-hackers Fri Oct 18 17:56:07 1996
Return-Path: owner-hackers
Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id RAA06159 for hackers-outgoing; Fri, 18 Oct 1996 17:56:07 -0700 (PDT)
Received: from arvidsjaur (arvidsjaur.anu.edu.au [150.203.160.29]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id RAA06152 for ; Fri, 18 Oct 1996 17:56:04 -0700 (PDT)
Received: by arvidsjaur.anu.edu.au id <65037-172>; Sat, 19 Oct 1996 10:54:41 +1000
From: Andrew Tridgell
To: julian@whistle.com
CC: Guido.vanRooij@nl.cis.philips.com, freebsd-hackers@FreeBSD.org
In-reply-to: <326817C5.61133CF4@whistle.com> (message from Julian Elischer on Fri, 18 Oct 1996 16:50:29 -0700)
Subject: Re: fix for symlinks in /tmp (fwd) FYI
Reply-to: Andrew.Tridgell@anu.edu.au
Message-Id: <96Oct19.105441+1000est.65037-172+230@arvidsjaur.anu.edu.au>
Date: Sat, 19 Oct 1996 10:54:31 +1000
Sender: owner-hackers@FreeBSD.org
X-Loop: FreeBSD.org
Precedence: bulk

> It's probably not THAT common, but it MIGHT cause someone to lose hours
> in a very frustrating way..

How many hours have been lost in a "frustrating way" when someone has
broken into a system or destroyed files by exploiting this type of
hole ...

Surely you've noticed all the "symlink-in-/tmp" style security holes
discussed on places like bugtraq?

> tmpfile creation should not follow a symlink anyhow..

yep, in an ideal world it wouldn't. It's just that programs that do it
unsafely and scripts that redirect stuff temporarily into /tmp are all
too common.

Have you never written a shell script that does something like:

    #!/bin/sh
    tmpfile=/tmp/silly_name.$$
    cat > $tmpfile
    grep foobar $tmpfile | cut -mumble | someprog | Mail mumble
    grep barfoo $tmpfile | otherprog > some_log_file
    rm $tmpfile

I know I've written such stupid things many times. I also know they
are bad, wrong and terrible. But it's oh so tempting to get the job
done .... And I know that lots of other people do the same :-)

Cheers, Andrew
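
A hardened form of the script quoted in the message above, as an added example that is not part of the original post. The function names, the two output-file arguments (standing in for the Mail and otherprog pipelines) and the availability of `mktemp -d` are assumptions.

```shell
#!/bin/sh
# Added example, not from the original message. Function names and the
# two output arguments (stand-ins for the Mail/otherprog pipelines) are
# assumptions; mktemp -d is assumed available (GNU and BSD provide it).

# write_new PATH: copy stdin to PATH only if PATH does not exist yet.
# With noclobber (set -C) the shell creates the file exclusively, so an
# existing file or a symlink planted at PATH makes the redirect fail
# instead of writing through it. The subshell keeps set -C local.
write_new() (
    set -C
    cat > "$1"
)

# split_matches FOOBAR_OUT BARFOO_OUT: reads stdin, like the original.
split_matches() (
    umask 077
    # mktemp -d picks an unpredictable name and creates the directory
    # itself (mode 0700), failing rather than reusing an existing path,
    # so nothing another user placed in /tmp is ever opened.
    workdir=$(mktemp -d "${TMPDIR:-/tmp}/split.XXXXXXXXXX") || exit 1
    trap 'rm -rf "$workdir"' EXIT        # cleanup on any exit path
    trap 'exit 1' HUP INT TERM           # signals go through EXIT too

    tmpfile=$workdir/input
    write_new "$tmpfile" || exit 1

    # grep exits 1 when nothing matches; that is not an error here.
    grep foobar "$tmpfile" > "$1" || :
    grep barfoo "$tmpfile" > "$2" || :
    exit 0
)
```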