Bugtraq mailing list archives
Re: Insecure use of file in /tmp by trn
From: Todd.Miller () COURTESAN COM (Todd C. Miller)
Date: Mon, 30 Aug 1999 02:43:26 -0600
In message <Pine.BOO.4.04.9908281306590.2468-100000 () oubliette annexgrp org>
so spake Shuman (shuman):
RedHat includes a mktemp too, its a package by itself. From the look of the manpage, it seems to be based on the mktemp that comes with Debian, just with one extra option. The option is "-d", which creates a unique directory rather than a file.
This is the OpenBSD mktemp(1), I know since I wrote it :-)
RedHat 6.0 ships with an mktemp-1.5 rpm that corresponds to:
$OpenBSD: mktemp.c,v 1.4 1997/06/20 04:17:42 millert Exp $
The current OpenBSD mktemp.c (1.5) is identical with the exception
of a slightly more relaxed copyright. For some reason RedHat doesn't
document the -d option in the main page though. Just to clear up
the confusion...
- todd
Current thread:
- Re: Insecure use of file in /tmp by trn Rogier Wolff (Aug 22)
- Re: Insecure use of file in /tmp by trn Martin Schulze (Aug 23)
- <Possible follow-ups>
- Re: Insecure use of file in /tmp by trn Richard Kettlewell (Aug 23)
- Re: Insecure use of file in /tmp by trn Ben Pfaff (Aug 24)
- Re: Insecure use of file in /tmp by trn Theo de Raadt (Aug 27)
- Re: Insecure use of file in /tmp by trn Martin Schulze (Aug 29)
- WU-FTPD Security Update Thomas Biege (Aug 29)
- Re: Insecure use of file in /tmp by trn Luca Berra (Aug 30)
- Re: Insecure use of file in /tmp by trn Shuman (Aug 28)
- Re: Insecure use of file in /tmp by trn Todd C. Miller (Aug 30)
- Re: Insecure use of file in /tmp by trn Rogier Wolff (Aug 28)
- Vixie Cron version 3.0pl1 vulnerable to root exploit Martin Schulze (Aug 28)
- Re: Insecure use of file in /tmp by trn Theo de Raadt (Aug 27)