Full Disclosure mailing list archives
Re: Symlink vulnerabilities
From: Leon Kaiser <literalka () gmail com>
Date: Sat, 22 Oct 2011 15:13:31 -0600
May I ask what the grep(1) pattern was? -- ======================================================== Leon Kaiser - Head of GNAA Public Relations - literalka () gnaa eu || literalka () goatse fr http://gnaa.eu || http://security.goatse.fr 7BEECD8D FCBED526 F7960173 459111CE F01F9923 "The mask of anonymity is not intensely constructive." -- Andrew "weev" Auernheimer ======================================================== On Sat, 2011-10-22 at 07:54 -0400, bugs () fbi dhs org wrote:
I apologize as my search wasn't a complex method, just a quick grep for signs of /tmp misuse. Indeed creating a directory under /tmp is a safeway to handle tmp files.bugs () fbi dhs org wrote:bashbug: /usr/bin/bashbug:TEMPDIR=$TMPDIR/bbug.$$ Maybe I should use bashbug to report a bug in bashbug?I took a quick look, it's actually using mkdir to create a temporary directory in /tmp, which it uses for collecting support files. This is actually a safe way to use /tmp, assuming you check the return code of mkdir (which it does). The mkdir() system call behaves very differently to open(), and is not vulnerable to these attacks. Tavis. -- ------------------------------------- taviso () cmpxchg8b com | pgp encrypted mail preferred ------------------------------------------------------- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Symlink vulnerabilities, (continued)
- Re: Symlink vulnerabilities Valdis . Kletnieks (Oct 21)
- Re: Symlink vulnerabilities Michal Zalewski (Oct 21)
- Re: Symlink vulnerabilities Byron Sonne (Oct 21)
- Re: Symlink vulnerabilities Valdis . Kletnieks (Oct 21)
- Re: Symlink vulnerabilities Raj Mathur (राज माथुर) (Oct 21)
- Re: Symlink vulnerabilities James Condron (Oct 22)
- Re: Symlink vulnerabilities Michal Zalewski (Oct 22)
- Re: Symlink vulnerabilities Michal Zalewski (Oct 21)
- Re: Symlink vulnerabilities Valdis . Kletnieks (Oct 21)
- Re: Symlink vulnerabilities dave bl (Oct 21)
- Re: Symlink vulnerabilities bugs (Oct 22)
- Re: Symlink vulnerabilities Leon Kaiser (Oct 24)
- Re: Symlink vulnerabilities bugs (Oct 24)
- Re: Symlink vulnerabilities xD 0x41 (Oct 25)
- Re: Symlink vulnerabilities Tavis Ormandy (Oct 25)
- Re: Symlink vulnerabilities bugs (Oct 25)
- Re: Symlink vulnerabilities Tavis Ormandy (Oct 25)
- Re: Symlink vulnerabilities xD 0x41 (Oct 25)
- Re: Symlink vulnerabilities Michal Zalewski (Oct 25)
- Re: Symlink vulnerabilities xD 0x41 (Oct 25)