From owner-freebsd-security Sat Mar 10 20:35:22 2001 Delivered-To: freebsd-security@freebsd.org Received: from ns1.unixathome.org (ns1.unixathome.org [203.79.82.27]) by hub.freebsd.org (Postfix) with ESMTP id 47B7837B718 for ; Sat, 10 Mar 2001 20:35:19 -0800 (PST) (envelope-from dan@langille.org) Received: from wocker (wocker.int.nz.freebsd.org [192.168.0.99]) by ns1.unixathome.org (8.11.1/8.11.1) with ESMTP id f2B4ZHw04676; Sun, 11 Mar 2001 17:35:18 +1300 (NZDT) (envelope-from dan@langille.org) Message-Id: <200103110435.f2B4ZHw04676@ns1.unixathome.org> From: "Dan Langille" Organization: novice in training To: security@freebsd.org Date: Sun, 11 Mar 2001 17:35:16 +1300 MIME-Version: 1.0 Content-type: text/plain; charset=US-ASCII Content-transfer-encoding: 7BIT Subject: temp files for security/logcheck Reply-To: dan@langille.org Cc: dan@langille.org X-mailer: Pegasus Mail for Win32 (v3.12c) Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org The port security/logcheck creates /usr/local/etc/tmp[1] and chmod's it to 700. It does that because the temp files it creates and uses need to be relativly secure. It writes out several files that could cause problems if a user made links, etc. Does anyone see any issues which we need to deal with? e.g. the security of this directory, the name of this directory... [1] - Prior to a recent port change, it used /usr/local/etc/tmp -- Dan Langille pgpkey - finger dan@unixathome.org | http://unixathome.org/finger.php got any work? I'm looking for some. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message