Re: Is /tmp still appropriate? (was Re: [hacksware]Pine temporary file hijacking vulnerability)

[stanislav shalunov <shalunov () INTERNET2 EDU>]

Michael Damm <miked () ACCESSNW NET> writes:

> I alwas was a difficult child.
> TMPKEY="$RANDOM"
> echo "foo" >/tmp/blah.$TMPKEY

This is actually a single linear transform of PID+NOW into 16-bit
space (((pid+now)*1103515245 + 12345) & 32767).  Trivial guess.

--
Stanislav Shalunov <shalunov () internet2 edu>  Internet Engineer, Internet2

A fool's brain digests philosophy into folly, science into superstition,
and art into pedantry.  Hence University education.        -- G. B. Shaw