Bugtraq mailing list archives
Re: Is /tmp still appropriate?
From: Hanspeter Schmid <hanspi () COMPUTER ORG>
Date: Tue, 19 Dec 2000 06:05:57 +0100
0d0 <odo () mail tarp3 com> (" 0d0>" ) wrote:
>> I'm sure many people have been "guilty" of writing a quick and >> nasty shell script that ends in something like: >/tmp/out.$$ 0d0> but why not: >./out.$$ or $MYTMP/out.$$ 0d0> why not add a few lines in the ./configure scripts that will 0d0> allow for the creation of a $HOME/tmp (if not found) with 0d0> proper attributes set when the software is installed? This may come out bad on systems where users' disk quota are limited. The tmp directory should not be subject to any quota. So if a program does what you're suggesting, a normal user could not install it properly. Kind regards, -- Hanspeter Schmid Private: hanspi () computer org www.schmid-werren.ch/hanspeter/ Office: hps () bernafon ch www.bernafon.ch/ IEEE: h.p.schmid () ieee org www.ieee-cas.org/~asptc/
Current thread:
- Is /tmp still appropriate? (was Re: [hacksware]Pine temporary file hijacking vulnerability) Andrew Church (Dec 15)
- Re: Is /tmp still appropriate? (was Re: [hacksware]Pine temporary file hijacking vulnerability) Mark Delany (Dec 16)
- Re: Is /tmp still appropriate? (was Re: [hacksware]Pine temporary file hijacking vulnerability) 0d0 (Dec 18)
- Re: Is /tmp still appropriate? Hanspeter Schmid (Dec 20)
- Re: Is /tmp still appropriate? (was Re: [hacksware]Pine temporary file hijacking vulnerability) Michael Damm (Dec 18)
- Re: Is /tmp still appropriate? (was Re: [hacksware]Pine temporary file hijacking vulnerability) stanislav shalunov (Dec 18)
- Re: Is /tmp still appropriate? (was Re: [hacksware]Pine temporary file hijacking vulnerability) Ryan Russell (Dec 18)
- Message not available
- Re: Is /tmp still appropriate? (was Re: [hacksware]Pine temporary file hijacking vulnerability) 0d0 (Dec 18)
- Re: Is /tmp still appropriate? (was Re: [hacksware]Pine temporary file hijacking vulnerability) Christian (Dec 18)
- Re: Is /tmp still appropriate? (was Re: [hacksware]Pine temporary file hijacking vulnerability) DeRobertis (Dec 18)
- Re: Is /tmp still appropriate? (was Re: [hacksware]Pine temporary file hijacking vulnerability) Mike A. Harris (Dec 19)
- Re: Is /tmp still appropriate? (was Re: [hacksware]Pine temporary file hijacking vulnerability) Kurt Seifried (Dec 19)
- Re: Is /tmp still appropriate? Peter W (Dec 19)
- Re: Is /tmp still appropriate? (was Re: [hacksware]Pine temporary file hijacking vulnerability) Mark Delany (Dec 16)