From owner-freebsd-audit  Mon Jan 10  1: 8: 4 2000
Delivered-To: freebsd-audit@freebsd.org
Received: by hub.freebsd.org (Postfix, from userid 758)
	id 79F4C14D4F; Mon, 10 Jan 2000 01:08:03 -0800 (PST)
Received: from localhost (localhost [127.0.0.1])
	by hub.freebsd.org (Postfix) with ESMTP id 6BFE21CD836
	for <audit@freebsd.org>; Mon, 10 Jan 2000 01:08:03 -0800 (PST)
	(envelope-from kris@hub.freebsd.org)
Date: Mon, 10 Jan 2000 01:08:03 -0800 (PST)
From: Kris Kennaway <kris@hub.freebsd.org>
To: audit@freebsd.org
Subject: Simple task
Message-ID: <Pine.BSF.4.21.0001100104190.85117-100000@hub.freebsd.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-audit@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Here's something simple you guys can do: install
/usr/ports/security/l0pht-watch and run it constantly for a few days, and
look at what it picks up. There are lots of insecurely-named tempfiles
created by FreeBSD utilities and ports, even ones which otherwise create
the files atomically (using 6 Xs in mkstemp() isn't very secure, since 5
of those are usually taken up by the PID, which is fairly easy to
predict).

Kris



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-audit" in the body of the message