Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Posting-Version: Notesfiles $Revision: 1.7.0.8 $; site uiucdcs Path: utzoo!watmath!clyde!cbosgd!ihnp4!inuxc!pur-ee!uiucdcs!acheng From: acheng@uiucdcs.CS.UIUC.EDU Newsgroups: net.unix-wizards Subject: Re: Re: Another reason why - really Message-ID: <13700111@uiucdcs> Date: Mon, 30-Sep-85 10:33:00 EDT Article-I.D.: uiucdcs.13700111 Posted: Mon Sep 30 10:33:00 1985 Date-Received: Wed, 2-Oct-85 08:07:08 EDT References: <715@whuxl.UUCP> Lines: 25 Nf-ID: #R:whuxl.UUCP:-71500:uiucdcs:13700111:000:1224 Nf-From: uiucdcs.CS.UIUC.EDU!acheng Sep 30 09:33:00 1985 >/* Written 9:46 am Sep 25, 1985 by mike@whuxl.UUCP in uiucdcs:net.unix-wizar */ >/* ---------- "Re: Re: Another reason why - really" ---------- */ >> > /tmp is world writeable. This means that anyone can unlink tmp files. >> ... >> Easy. have your application make a subdirectory in /tmp, and then place >> a file within that subdir. As long as your subdirectory is not world >> writeable, you can place tmp files there w/o having a window of vulnerability. > >But anyone can still move the directory in /tmp, and put another one >in its place. The problem is still there. You got some real nasty fellow users there. Suggestions: 1) Use the tmp file in the current directory then. If the user worries, he/she should either cd to a protected one or chmod the current one. Use mktemp for a unique temp. file name. This is even safer than using the same /tmp/tmpxxxxx name. 2) Track down the nasty user and send him a mail like this: mail bad-guy < /unix # or whatever kernel your site uses He would have a hard time to read his mail. :} Please don't take this part seriously. Mail bombs are terrorism and you don't want to take the law into your own hand. Report it to your "root" user.