Bugtraq mailing list archives
Re: user flags in public temp space (was Re: chflags() [heads up
From: Adam.Morris () ONYX NET (Adam Morris)
Date: Mon, 9 Aug 1999 10:37:25 +0100
-----BEGIN PGP SIGNED MESSAGE----- On 06-Aug-99 Darren Reed wrote:
If you're designing a software package, want to use temporary files and directories but you need the names to be the same every time, where do you put them ? Are you required to use open(O_CREAT|O_EXCL) for files in /tmp ? Apart from the ability to exchange files between users with /tmp, having private /tmp's for each uid using the system (with a non- world writeable /tmp) has a lot of merit which I hope someone will someday properly explore - i.e. there exist programming languages in which the buffer overflow is a non-event, now we need an operating system design where the /tmp file race-condition is a non-event.
We already have something like that... The CMW machines (Compartmentalised Mode Workstation) has the concept of "multi level directories" These include such things as /tmp. When you are operating at level "Top Secret" you have what appears to be a different /tmp from when you are operating at level "unclassified". As far as I can tell, it does actually keep the files in different directories. I haven't really poked around at the raw disk level on one of these beasts though (which requires special privileges) so I can't guarantee it. You can definitely have two different files in different level /tmp directories with the same name. Adam. - ---------------------------------- If this message isn't signed, it probably isn't me. Adam Morris - Systems Engineer - Onyx Internet There's no real need to do housework -- after four years it doesn't get any worse. - ---------------------------------- -----BEGIN PGP SIGNATURE----- Version: 2.6.3ia Charset: noconv iQCVAwUBN66hVDxztoTO1QFNAQH0hgP/b8fwKC3DcQ4NQau0SYMt5jY+UtzIyAYf GnUrI2MCe+A0JwCFQcmIaTcq4SDCB0Ni6yBwFKBdVGgLRsCK4yWtqUisHOGGw9d4 GQQ4r2UilLDf6ByE25Or4VJ9Re6miMQmm3j/koCQMwErbOtDlNh/J42CgtnZ0Rc5 LQKlCJ1CjxQ= =qver -----END PGP SIGNATURE-----
Current thread:
- Re: user flags in public temp space (was Re: chflags() [heads up]), (continued)
- Re: user flags in public temp space (was Re: chflags() [heads up]) Brett Lymn (Aug 05)
- Re: user flags in public temp space (was Re: chflags() [heads up]) Jason Bratton (Aug 05)
- Re: user flags in public temp space (was Re: chflags() [heads up]) Theo de Raadt (Aug 05)
- Re: user flags in public temp space (was Re: chflags() [heads up]) Andrew Brown (Aug 05)
- Re: user flags in public temp space (was Re: chflags() [heads up]) Darren Reed (Aug 05)
- Re: user flags in public temp space (was Re: chflags() [heads up]) Theo de Raadt (Aug 06)
- Re: user flags in public temp space (was Re: chflags() [heads up]) Darren Reed (Aug 06)
- Re: user flags in public temp space (was Re: chflags() [heads up]) Tim Fletcher (Aug 06)
- Re: user flags in public temp space (was Re: chflags() [heads up]) Darren Reed (Aug 07)
- Re: user flags in public temp space (was Re: chflags() [heads up]) Doug Harple (Aug 09)
- Re: user flags in public temp space (was Re: chflags() [heads up]) Brett Lymn (Aug 05)
- Re: user flags in public temp space (was Re: chflags() [heads up Adam Morris (Aug 09)
- Re: user flags in public temp space (was Re: chflags() [heads up James E. Pace (Aug 10)
- New cfingerd 1.4.0 - Configurable Finger Daemon Martin Schulze (Aug 10)
- profil(2) bug, a simple test program Ross Harvey (Aug 09)
- ISS Security Advisory: Denial of Service Attack Against Windows NT Terminal Server X-Force (Aug 09)
- Uploaded cfingerd 1.3.2-18.1 for Debian (security fix) Leszek Gerwatowski (Aug 09)