Date: Sat, 13 Oct 2001 12:53:44 -0600 (CST) From: Ryan Thompson <ryan@sasknow.com> To: ann kok <annkok2001@yahoo.com> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: tmp security Message-ID: <Pine.BSF.4.21.0110131240530.94589-100000@ren.sasknow.com> In-Reply-To: <20011013152351.57216.qmail@web20101.mail.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
ann kok wrote to freebsd-questions@FreeBSD.ORG: > Hi all > > I have two questions about tmp directory > > 1/ is it automatically clear file after reboot No, files in /tmp normally persist after reboot. There are a few ways you can change this, though, if your question was a "how do I"... Either add a line or two to remove everything in /tmp to your startup scripts, or (in some cases, better yet), move /tmp to an MFS (memory filesystem) partition. MFS' are volatile (i.e., data won't persist after a reboot). > 2/ how do I get information about tmp security? man 7 security is a good place to start for general security advice, although I'm not sure how much specific information it has on /tmp. Some of the big rules apply, though... Since anyone can put files in /tmp, badly-written programs can be vulnerable to a symlink attack. If a program (running as root) is expecting to open a new file in /tmp and write some data to it, think what would happen if a malicious user was able to predict in advance which filename the root process was going to use, and then create a symlink with that filename. The malicious user can essentially force any file on the system to be clobbered. If the user can actually CONTROL what root writes to the file (i.e., this root process is a network daemon that accepts user input), the user can execute anything they like as root on your system. That, IMO, is the biggest potential security problem with /tmp, especially if you use a lot of poorly written programs :-) The second biggest potential security problem with /tmp is a basic DoS attack. If /tmp is on the same filesystem as the root partition (which is usually quite small), it is relatively easy for a user to just fill up /tmp with crap until the root filesystem is full. The same goes if /tmp shares space with /var, /usr, etc. Hope this helps, - Ryan > > Thank you -- Ryan Thompson <ryan@sasknow.com> Network Administrator, Accounts SaskNow Technologies - http://www.sasknow.com #106-380 3120 8th St E - Saskatoon, SK - S7H 0W2 Tel: 306-664-3600 Fax: 306-664-1161 Saskatoon Toll-Free: 877-727-5669 (877-SASKNOW) North America To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0110131240530.94589-100000>