Bugtraq mailing list archives
Re: Is /tmp still appropriate? (was Re: [hacksware]Pine temporary file hijacking vulnerability)
From: stanislav shalunov <shalunov () INTERNET2 EDU>
Date: Mon, 18 Dec 2000 20:29:13 -0500
Michael Damm <miked () ACCESSNW NET> writes:
I alwas was a difficult child. TMPKEY="$RANDOM" echo "foo" >/tmp/blah.$TMPKEY
This is actually a single linear transform of PID+NOW into 16-bit space (((pid+now)*1103515245 + 12345) & 32767). Trivial guess. -- Stanislav Shalunov <shalunov () internet2 edu> Internet Engineer, Internet2 A fool's brain digests philosophy into folly, science into superstition, and art into pedantry. Hence University education. -- G. B. Shaw
Current thread:
- Is /tmp still appropriate? (was Re: [hacksware]Pine temporary file hijacking vulnerability) Andrew Church (Dec 15)
- Re: Is /tmp still appropriate? (was Re: [hacksware]Pine temporary file hijacking vulnerability) Mark Delany (Dec 16)
- Re: Is /tmp still appropriate? (was Re: [hacksware]Pine temporary file hijacking vulnerability) 0d0 (Dec 18)
- Re: Is /tmp still appropriate? Hanspeter Schmid (Dec 20)
- Re: Is /tmp still appropriate? (was Re: [hacksware]Pine temporary file hijacking vulnerability) Michael Damm (Dec 18)
- Re: Is /tmp still appropriate? (was Re: [hacksware]Pine temporary file hijacking vulnerability) stanislav shalunov (Dec 18)
- Re: Is /tmp still appropriate? (was Re: [hacksware]Pine temporary file hijacking vulnerability) Ryan Russell (Dec 18)
- Message not available
- Re: Is /tmp still appropriate? (was Re: [hacksware]Pine temporary file hijacking vulnerability) 0d0 (Dec 18)
- Re: Is /tmp still appropriate? (was Re: [hacksware]Pine temporary file hijacking vulnerability) Christian (Dec 18)
- Re: Is /tmp still appropriate? (was Re: [hacksware]Pine temporary file hijacking vulnerability) DeRobertis (Dec 18)
- Re: Is /tmp still appropriate? (was Re: [hacksware]Pine temporary file hijacking vulnerability) Mike A. Harris (Dec 19)
- Re: Is /tmp still appropriate? (was Re: [hacksware]Pine temporary file hijacking vulnerability) Kurt Seifried (Dec 19)
- Re: Is /tmp still appropriate? Peter W (Dec 19)
- Re: Is /tmp still appropriate? (was Re: [hacksware]Pine temporary file hijacking vulnerability) Mark Delany (Dec 16)