From owner-freebsd-security Sat Mar 10 23:58:43 2001 Delivered-To: freebsd-security@freebsd.org Received: from ns1.unixathome.org (ns1.unixathome.org [203.79.82.27]) by hub.freebsd.org (Postfix) with ESMTP id DB9FD37B719 for ; Sat, 10 Mar 2001 23:58:39 -0800 (PST) (envelope-from dan@langille.org) Received: from wocker (wocker.int.nz.freebsd.org [192.168.0.99]) by ns1.unixathome.org (8.11.1/8.11.1) with ESMTP id f2B7wcw05889 for ; Sun, 11 Mar 2001 20:58:38 +1300 (NZDT) (envelope-from dan@langille.org) Message-Id: <200103110758.f2B7wcw05889@ns1.unixathome.org> From: "Dan Langille" Organization: novice in training To: freebsd-security@freebsd.org Date: Sun, 11 Mar 2001 20:58:37 +1300 MIME-Version: 1.0 Content-type: text/plain; charset=US-ASCII Content-transfer-encoding: 7BIT Subject: Re: temp files for security/logcheck Reply-To: dan@langille.org In-reply-to: <20010310230843.A26101@greg.cex.ca> References: <20010310225345.A14180@mollari.cthul.hu>; from kris@obsecurity.org on Sat, Mar 10, 2001 at 10:53:46PM -0800 X-mailer: Pegasus Mail for Win32 (v3.12c) Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On 10 Mar 2001, at 23:08, Greg White wrote: > On Sat, Mar 10, 2001 at 10:53:46PM -0800, Kris Kennaway wrote: > > On Sun, Mar 11, 2001 at 05:47:58PM +1300, Dan Langille wrote: > > > AFAIK, the files disappear each time the script is run: > > > > > > umask 077 > > > rm -f $TMPDIR/check.$$ $TMPDIR/checkoutput.$$ > > > > [...] > > > > Blah, that's an insecure way to create files in $TMPDIR (which is > > usually /tmp). It needs to use mktemp(1). > > > > Kris > > It is in general, but not in this case. The script and the directory are > mode 0700 -- this makes it difficult for it to be insecure. $TMPDIR is > explicitly set. Well, unless I hear otherwise, I'll leave the port as is. Perhaps using /usr/local/var/tmp/logcheck/ is a better idea. But until we come up with a formal policy, I'll leave this for a future improvement. Thanks folks. -- Dan Langille pgpkey - finger dan@unixathome.org | http://unixathome.org/finger.php got any work? I'm looking for some. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message