Vulnerability Development mailing list archives
Re: removal of /tmp/appXXXXXX
From: Matthew Hannigan <mlh () zip com au>
Date: Tue, 30 Jul 2002 09:11:27 +1000
I should have been a little clearer. Those are literal X's. It attempts to remove the _exact same file_ every time. That's what I meant by tmpnam gone wrong. Matt Brandon Erhart wrote:
if those 'X's are "psuedo-random" characters, and they change each time, i'm pretty sure you're safe. Unless the file is important or gets overwritten while linked to an important file, nothing bad should happen (I think??).-Brandon At 09:35 AM 7/29/2002, Matthew Hannigan wrote:I found a program which removes a file named like /tmp/appXXXXXX. Seems to be a tmpnam attempt gone wrong. Does this make the system vulnerable? The program is run by root as often as not. Matt.
Current thread:
- removal of /tmp/appXXXXXX Matthew Hannigan (Jul 29)
- Re: removal of /tmp/appXXXXXX Brandon Erhart (Jul 29)
- Re: removal of /tmp/appXXXXXX Matthew Hannigan (Jul 29)
- Re: removal of /tmp/appXXXXXX Brandon Erhart (Jul 29)
- Re: removal of /tmp/appXXXXXX Matthew Hannigan (Jul 29)
- Re: removal of /tmp/appXXXXXX Brandon Erhart (Jul 29)