[prev in list] [next in list] [prev in thread] [next in thread] 

List:       vuln-dev
Subject:    Re: removal of /tmp/appXXXXXX
From:       Brandon Erhart <berhart () ErhartGroup ! COM>
Date:       2002-07-30 1:28:31
[Download RAW message or body]

That's odd.. really odd. You may want to fix(?) (read: upgrade) your 
library that contains that.. but no, i don't believe it's a problem, unless 
it's trying to write to it beforehand (soft link to a sensative file by a 
malicious user could be bad).. or unless some other program is using that 
temporary file and your program removes it. Try upgrading the library.. or 
reinstall the library, something.

-Brandon

At 06:11 PM 7/29/2002, Matthew Hannigan wrote:
>I should have been a little clearer.
>Those are literal X's.  It attempts to
>remove the _exact same file_ every time.
>
>That's what I meant by tmpnam gone wrong.
>
>Matt
>
>
>Brandon Erhart wrote:
>>if those 'X's are "psuedo-random" characters, and they change each time, 
>>i'm pretty sure you're safe. Unless the file is important or gets 
>>overwritten while linked to an important file, nothing bad should happen 
>>(I think??).
>>-Brandon
>>At 09:35 AM 7/29/2002, Matthew Hannigan wrote:
>>
>>>I found a program which removes
>>>a file named like /tmp/appXXXXXX.  Seems
>>>to be a tmpnam attempt gone wrong.
>>>
>>>Does this make the system vulnerable?
>>>The program is run by root as often as
>>>not.
>>>
>>>Matt
>>.
>
>

[prev in list] [next in list] [prev in thread] [next in thread]