From owner-freebsd-audit Mon Jan 10 15:03:49 2000
Delivered-To: freebsd-audit@freebsd.org
Received: from foobar.franken.de (foobar.franken.de [194.94.249.81]) by hub.freebsd.org (Postfix) with ESMTP id BF81514CA2; Mon, 10 Jan 2000 15:03:43 -0800 (PST) (envelope-from logix@foobar.franken.de)
Received: (from logix@localhost) by foobar.franken.de (8.8.8/8.8.5) id AAA04586; Tue, 11 Jan 2000 00:03:45 +0100 (CET)
Message-ID: <20000111000344.C4237@foobar.franken.de>
Date: Tue, 11 Jan 2000 00:03:44 +0100
From: Harold Gutch
To: Kris Kennaway , audit@FreeBSD.ORG
Subject: Re: Simple task
References:
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 0.93.2i
In-Reply-To: ; from Kris Kennaway on Mon, Jan 10, 2000 at 01:08:03AM -0800
Sender: owner-freebsd-audit@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Mon, Jan 10, 2000 at 01:08:03AM -0800, Kris Kennaway wrote:
> Here's something simple you guys can do: install
> /usr/ports/security/l0pht-watch and run it constantly for a few days, and
> look at what it picks up. There are lots of insecurely-named tempfiles
> created by FreeBSD utilities and ports, even ones which otherwise create
> the files atomically (using 6 Xs in mkstemp() isn't very secure, since 5
> of those are usually taken up by the PID, which is fairly easy to
> predict).

A thing I changed in the source was in list_utils.c:147, where the maximum
full filename length that is printed is limited to 20 chars. mutt (at least
the version I'm using, which is pretty outdated, I know :) ) creates a file
in /tmp for pretty many things - l0pht-watch though didn't show the
complete filenames and thus always displayed the _same_ (cut off) filename;
the differences in the names would only occur after the 20th character.

bye,
  Harold

-- 
Someone should do a study to find out how many human life spans have been
lost waiting for NT to reboot.
                Ken Deboy on Dec 24 1999 in comp.unix.bsd.freebsd.misc

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-audit" in the body of the message