Bugtraq mailing list archives
Re: user flags in public temp space (was Re: chflags() [heads up])
From: dharple () MAIL COMMUNITYCONNECT COM (Doug Harple)
Date: Mon, 9 Aug 1999 15:17:49 -0400
On Sat, 7 Aug 1999, Darren Reed wrote:
In some mail from Tim Fletcher, sie said:I think I defeated myself in trying to explain the implementation I was trying to describe. For each user, when they login, a virtual /tmp is created and that is shared between all sessions that user has. This is setup at login time and is carried forth to all children, root or not, and cannot be reset (somewhat akin to chroot) unless devious methods are employed (i.e. write to /dev/mem). So if I have 10 logins to host foo, each login sees the same /tmp, even the root shells I generate via su/sudo in half. If I login as root, I don't have the same /tmp (I get a different one). cron/at jobs would be no different. So the `real' /tmp could even be 755 root.wheel.Although it does rather cripple /tmp in another way: That of sharing information between users. If I tell another user that the file s/he wants is in /tmp (as my /home/tim dir is 711 with most files 600) I don't have to mess with file perms and s/he doesn't have to get the exact right name to read the file.Why do they need to access your home dir ? You're making assumptions which you probably shouldn't...
I think perhaps you misread what he was saying. He's not saying that he wants another user to have access to his /home dir. He is, however, saying that a common /tmp makes it possible for him to share files with another user without compromising his own security. If /tmp was assigned on a per-user basis, he would be unable to use the /tmp directory in that fashion. --- Doug Harple / Community Connect dharple () mail communityconnect com
Current thread:
- user flags in public temp space (was Re: chflags() [heads up]) Strange (Aug 04)
- Re: user flags in public temp space (was Re: chflags() [heads up]) Brett Lymn (Aug 05)
- Re: user flags in public temp space (was Re: chflags() [heads up]) Jason Bratton (Aug 05)
- Re: user flags in public temp space (was Re: chflags() [heads up]) Theo de Raadt (Aug 05)
- Re: user flags in public temp space (was Re: chflags() [heads up]) Andrew Brown (Aug 05)
- Re: user flags in public temp space (was Re: chflags() [heads up]) Darren Reed (Aug 05)
- Re: user flags in public temp space (was Re: chflags() [heads up]) Theo de Raadt (Aug 06)
- Re: user flags in public temp space (was Re: chflags() [heads up]) Darren Reed (Aug 06)
- Re: user flags in public temp space (was Re: chflags() [heads up]) Tim Fletcher (Aug 06)
- Re: user flags in public temp space (was Re: chflags() [heads up]) Darren Reed (Aug 07)
- Re: user flags in public temp space (was Re: chflags() [heads up]) Doug Harple (Aug 09)
- Re: user flags in public temp space (was Re: chflags() [heads up]) Brett Lymn (Aug 05)
- Re: user flags in public temp space (was Re: chflags() [heads up Adam Morris (Aug 09)
- Re: user flags in public temp space (was Re: chflags() [heads up James E. Pace (Aug 10)
- New cfingerd 1.4.0 - Configurable Finger Daemon Martin Schulze (Aug 10)
- profil(2) bug, a simple test program Ross Harvey (Aug 09)
- ISS Security Advisory: Denial of Service Attack Against Windows NT Terminal Server X-Force (Aug 09)
- Uploaded cfingerd 1.3.2-18.1 for Debian (security fix) Leszek Gerwatowski (Aug 09)
- <Possible follow-ups>
- Re: user flags in public temp space (was Re: chflags() [heads up]) Hugh Graham (Aug 06)