Bugtraq mailing list archives
Re: HeliSec: StarOffice symlink exploit
From: Peter W <peterw () USA NET>
Date: Mon, 19 Feb 2001 22:04:29 -0500
On Sat, Feb 17, 2001 at 04:57:23PM +0100, JeT Li wrote:
One way to fix the problem is to create a directory inside your home directory which is inaccessible to anyone but yourself (permissions 700), called tmp. Then insert an entry in your login start-up file to set the $TMP environment variable to $HOME/tmp, so it will direct StarOffice to use your temporary directory, rather than the system /tmp. Something like this (in bash): [wushu@JeT-Li]$ TMP=$HOME/tmp ; export TMP (not permanent) or modify the .bash_profile adding TMP=$HOME/tmp and including this variable in the export.
BTW, I have some fairly sophisticated TMPDIR/TMP scripts in the CVS repository for Bastille (http://sourceforge.net/projects/bastille-linux) that folks might find useful. The scripts allow you to put TMPDIR somewhere other than $HOME (say, local /tmp if $HOME is on NFS), to keep track of TMPDIRs on a host-by-host basis, to hide the number of files and last access time of $TMPDIR, etc. There's also an ancillary script designed to keep pruning tools like 'tmpwatch' (frequently found on Linux systems) from removing $TMPDIR while you're logged in, and to warn you via multiple channels if something is amiss with your temp dir. Look for bastille-tmpdir.sh, bastille-tmpdir.csh, and bastille-tmpdir-defense.sh (the anti-'tmpwatch' tool). bastille-tmpdir.* go in /etc/profile.d where many systems will run them at login time (via /etc/bashrc or /etc/csh.login scanning /etc/profile.d) bastille-tmpdir-defense.sh goes in /etc. All three should be mode 0755. These apps will be optional in the soon-to-be-release Bastille 1.2.0 hardening tool for Red Hat and Mandrake Linux distributions. I've only tested the scripts under Linux, but they should be fairly portable. Your feedback would be most appreciated. It's nice that apps let you pick your own preferred temp space ($HOME in some cases is a poor choice), but it's a shame that some apps *need* you to do so to behave safely. :-( -Peter
Current thread:
- HeliSec: StarOffice symlink exploit JeT Li (Feb 19)
- Re: HeliSec: StarOffice symlink exploit Peter W (Feb 20)
- Re: HeliSec: StarOffice symlink exploit Christian (Feb 22)
- Re: HeliSec: StarOffice symlink exploit JeT Li (Feb 22)
- Re: HeliSec: StarOffice symlink exploit Kurt Seifried (Feb 22)