From owner-freebsd-questions Sat Oct 13 11:53:55 2001 Delivered-To: freebsd-questions@freebsd.org Received: from ren.sasknow.com (ren.sasknow.com [207.195.92.131]) by hub.freebsd.org (Postfix) with ESMTP id 15C0A37B408 for ; Sat, 13 Oct 2001 11:53:51 -0700 (PDT) Received: from localhost (ryan@localhost) by ren.sasknow.com (8.9.3/8.9.3) with ESMTP id MAA01992; Sat, 13 Oct 2001 12:53:44 -0600 (CST) (envelope-from ryan@sasknow.com) Date: Sat, 13 Oct 2001 12:53:44 -0600 (CST) From: Ryan Thompson To: ann kok Cc: freebsd-questions@FreeBSD.ORG Subject: Re: tmp security In-Reply-To: <20011013152351.57216.qmail@web20101.mail.yahoo.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG ann kok wrote to freebsd-questions@FreeBSD.ORG: > Hi all > > I have two questions about tmp directory > > 1/ is it automatically clear file after reboot No, files in /tmp normally persist after reboot. There are a few ways you can change this, though, if your question was a "how do I"... Either add a line or two to remove everything in /tmp to your startup scripts, or (in some cases, better yet), move /tmp to an MFS (memory filesystem) partition. MFS' are volatile (i.e., data won't persist after a reboot). > 2/ how do I get information about tmp security? man 7 security is a good place to start for general security advice, although I'm not sure how much specific information it has on /tmp. Some of the big rules apply, though... Since anyone can put files in /tmp, badly-written programs can be vulnerable to a symlink attack. If a program (running as root) is expecting to open a new file in /tmp and write some data to it, think what would happen if a malicious user was able to predict in advance which filename the root process was going to use, and then create a symlink with that filename. The malicious user can essentially force any file on the system to be clobbered. If the user can actually CONTROL what root writes to the file (i.e., this root process is a network daemon that accepts user input), the user can execute anything they like as root on your system. That, IMO, is the biggest potential security problem with /tmp, especially if you use a lot of poorly written programs :-) The second biggest potential security problem with /tmp is a basic DoS attack. If /tmp is on the same filesystem as the root partition (which is usually quite small), it is relatively easy for a user to just fill up /tmp with crap until the root filesystem is full. The same goes if /tmp shares space with /var, /usr, etc. Hope this helps, - Ryan > > Thank you -- Ryan Thompson Network Administrator, Accounts SaskNow Technologies - http://www.sasknow.com #106-380 3120 8th St E - Saskatoon, SK - S7H 0W2 Tel: 306-664-3600 Fax: 306-664-1161 Saskatoon Toll-Free: 877-727-5669 (877-SASKNOW) North America To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message