Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: Notesfiles $Revision: 1.7.0.8 $; site uiucdcs
Path: utzoo!watmath!clyde!cbosgd!ihnp4!inuxc!pur-ee!uiucdcs!acheng
From: acheng@uiucdcs.CS.UIUC.EDU
Newsgroups: net.unix-wizards
Subject: Re: Re: Another reason why - really
Message-ID: <13700111@uiucdcs>
Date: Mon, 30-Sep-85 10:33:00 EDT
Article-I.D.: uiucdcs.13700111
Posted: Mon Sep 30 10:33:00 1985
Date-Received: Wed, 2-Oct-85 08:07:08 EDT
References: <715@whuxl.UUCP>
Lines: 25
Nf-ID: #R:whuxl.UUCP:-71500:uiucdcs:13700111:000:1224
Nf-From: uiucdcs.CS.UIUC.EDU!acheng    Sep 30 09:33:00 1985


>/* Written  9:46 am  Sep 25, 1985 by mike@whuxl.UUCP in uiucdcs:net.unix-wizar */
>/* ---------- "Re: Re: Another reason why - really" ---------- */
>> > /tmp is world writeable.  This means that anyone can unlink tmp files. 
>> ...
>> Easy.  have your application make a subdirectory in /tmp, and then place
>> a file within that subdir.  As long as your subdirectory is not world
>> writeable, you can place tmp files there w/o having a window of vulnerability.
>
>But anyone can still move the directory in /tmp, and put another one
>in its place.  The problem is still there.

You got some real nasty fellow users there.  Suggestions:
1) Use the tmp file in the current directory then.  If the user worries,
   he/she should either cd to a protected one or chmod the current one.
   Use mktemp for a unique temp. file name.  This is even safer than
   using the same /tmp/tmpxxxxx name.

2) Track down the nasty user and send him a mail like this:
	mail bad-guy < /unix	# or whatever kernel your site uses
   He would have a hard time to read his mail.  :}

   Please don't take this part seriously.  Mail bombs are terrorism
   and you don't want to take the law into your own hand.  Report
   it to your "root" user.