From owner-freebsd-security Sat Mar 10 20:45:23 2001 Delivered-To: freebsd-security@freebsd.org Received: from hex.databits.net (hex.databits.net [207.29.192.16]) by hub.freebsd.org (Postfix) with SMTP id 0767237B718 for ; Sat, 10 Mar 2001 20:45:21 -0800 (PST) (envelope-from petef@hex.databits.net) Received: (qmail 68310 invoked by uid 1001); 11 Mar 2001 04:45:19 -0000 Date: Sat, 10 Mar 2001 23:45:19 -0500 From: Pete Fritchman To: Dan Langille Cc: security@freebsd.org Subject: Re: temp files for security/logcheck Message-ID: <20010310234519.A68252@databits.net> References: <200103110435.f2B4ZHw04676@ns1.unixathome.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <200103110435.f2B4ZHw04676@ns1.unixathome.org>; from dan@langille.org on Sun, Mar 11, 2001 at 05:35:16PM +1300 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org It seems logical that the port should just use ${TMPDIR}/.logcheck/ or something of that nature. Does it need to be there permenately? Or can it just be created/deleted when the program is started/stopped? I saw the thread on -ports earlier but didn't get a chance to respond. -pete ++ 11/03/01 17:35 +1300 - Dan Langille: >The port security/logcheck creates /usr/local/etc/tmp[1] and chmod's it >to 700. It does that because the temp files it creates and uses need to >be relativly secure. It writes out several files that could cause problems >if a user made links, etc. > >Does anyone see any issues which we need to deal with? e.g. the >security of this directory, the name of this directory... > >[1] - Prior to a recent port change, it used /usr/local/etc/tmp > >-- >Dan Langille >pgpkey - finger dan@unixathome.org | http://unixathome.org/finger.php >got any work? I'm looking for some. > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-security" in the body of the message -- Pete Fritchman Databits Network Services, Inc. finger petef@databits.net for PGP key To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message