> Due to excessive amount of /tmp races reported last months, here's > /tmp event logger. This simple and small program logs file activity > in given directory, giving clear, reusable, space-saving format > (including operation, filename, uid/gid, file type, permissions, > current time). It's very useful when you're looking for possible > vunerabilities, or trying to trace attacks. Many of you have source to the operating systems and tools you run. I like to make a strong recommendation for source-level audits as the best way to find these problems. And while you are there you can fix them too, and then tell the maintainers of the packages; not just For instance, all programs compiled with GNU f77 have 2 mktemp races. It's in the source. I just contacted the maintainer of the package; he didn't appear to have any idea what a /tmp race is. This is going to be extremely common. So those who care about this issue should start auditing code, and then telling the authors of these systems that such problems are unacceptable. Try to give them patches. Push hard to get these things fixed.
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:45:32 PDT