Re: Linux patches to solve /tmp race problem

From: Kurt Seifried (bugtraqat_private)
Date: Tue Apr 24 2001 - 23:04:03 PDT

Next message: Nick FitzGerald: "Re: SECURITY.NNOV: The Bat! <cr> bug"

Previous message: Jim Knoble: "OpenSSL-0.9.6a has security fixes"
In reply to: Tollef Fog Heen: "Re: Linux patches to solve /tmp race problem"
Next in thread: Tollef Fog Heen: "Re: Linux patches to solve /tmp race problem"
Next in thread: Crispin Cowan: "Re: Linux patches to solve /tmp race problem"
Reply: Tollef Fog Heen: "Re: Linux patches to solve /tmp race problem"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> PAM handles this quite nicely.
>
> I've hacked together a PAM module which sets TMPDIR (and TMP) to
> /tmp/user/uid, which I could probably make available (mail me if you
> are interested).  Fixing programs to use TMP and TMPDIR is the correct
> solution.
>
> --
>
> Tollef Fog Heen

No need for that when we have "pam_env". From the docs "This module allows the
(un)setting of environment variables. Supported is the use of previously set
environment variables as well as PAM_ITEMs such as PAM_RHOST."

/etc/security/pam_env.conf

Kurt Seifried, seifriedat_private
Securityportal - your focal point for security on the 'net

Next message: Nick FitzGerald: "Re: SECURITY.NNOV: The Bat! <cr> bug"
Previous message: Jim Knoble: "OpenSSL-0.9.6a has security fixes"
In reply to: Tollef Fog Heen: "Re: Linux patches to solve /tmp race problem"
Next in thread: Tollef Fog Heen: "Re: Linux patches to solve /tmp race problem"
Next in thread: Crispin Cowan: "Re: Linux patches to solve /tmp race problem"
Reply: Tollef Fog Heen: "Re: Linux patches to solve /tmp race problem"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Apr 25 2001 - 08:59:59 PDT