Full Disclosure mailing list archives

Re: Another IE trick (Re: IE sucks : sun java virtual machine insecure tmp file creation)

From: "Eric Paynter" <eric () arcticbears com>
Date: Fri, 9 Jul 2004 09:26:23 -0700 (PDT)

On Fri, July 9, 2004 7:43 am, http-equiv () excite com said:

There are lots of little .tmp files generated and accessible
remotely to be had, Adobe *.pdf's and  a vast array of Microsoft
Office 2003 crud to name just two. Many others which have been
identified and discussed in the past as well.


I think:

mount /dev/xxxx /tmp -o noexec

would reduce the risk significantly. Can you do something equivalent in
Windows?

-Eric

--
arctic bears - affordable custom email and name services
http://www.arcticbears.com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

Another IE trick (Re: IE sucks : sun java virtual machine insecure tmp file creation) http-equiv () excite com (Jul 09)
- Re: Another IE trick (Re: IE sucks : sun java virtual machine insecure tmp file creation) Eric Paynter (Jul 09)
  - Re[2]: Another IE trick (Re: IE sucks : sun java virtual machine insecure tmp file creation) 3APA3A (Jul 09)
  - Re: Another IE trick (Re: IE sucks : sun java virtual machine insecure tmp file creation) Nick FitzGerald (Jul 09)
    - Re: Another IE trick (Re: IE sucks : sun java virtual machine insecure tmp file creation) Eric Paynter (Jul 09)