[prev in list] [next in list] [prev in thread] [next in thread]
List: vuln-dev
Subject: Re: removal of /tmp/appXXXXXX
From: Brandon Erhart <berhart () ErhartGroup ! COM>
Date: 2002-07-30 1:28:31
[Download RAW message or body]
That's odd.. really odd. You may want to fix(?) (read: upgrade) your
library that contains that.. but no, i don't believe it's a problem, unless
it's trying to write to it beforehand (soft link to a sensative file by a
malicious user could be bad).. or unless some other program is using that
temporary file and your program removes it. Try upgrading the library.. or
reinstall the library, something.
-Brandon
At 06:11 PM 7/29/2002, Matthew Hannigan wrote:
>I should have been a little clearer.
>Those are literal X's. It attempts to
>remove the _exact same file_ every time.
>
>That's what I meant by tmpnam gone wrong.
>
>Matt
>
>
>Brandon Erhart wrote:
>>if those 'X's are "psuedo-random" characters, and they change each time,
>>i'm pretty sure you're safe. Unless the file is important or gets
>>overwritten while linked to an important file, nothing bad should happen
>>(I think??).
>>-Brandon
>>At 09:35 AM 7/29/2002, Matthew Hannigan wrote:
>>
>>>I found a program which removes
>>>a file named like /tmp/appXXXXXX. Seems
>>>to be a tmpnam attempt gone wrong.
>>>
>>>Does this make the system vulnerable?
>>>The program is run by root as often as
>>>not.
>>>
>>>Matt
>>.
>
>
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic