Vulnerability Development mailing list archives
Re: removal of /tmp/appXXXXXX
From: Brandon Erhart <berhart () ErhartGroup COM>
Date: Mon, 29 Jul 2002 20:28:31 -0500
That's odd.. really odd. You may want to fix(?) (read: upgrade) your library that contains that.. but no, i don't believe it's a problem, unless it's trying to write to it beforehand (soft link to a sensative file by a malicious user could be bad).. or unless some other program is using that temporary file and your program removes it. Try upgrading the library.. or reinstall the library, something.
-Brandon At 06:11 PM 7/29/2002, Matthew Hannigan wrote:
I should have been a little clearer. Those are literal X's. It attempts to remove the _exact same file_ every time. That's what I meant by tmpnam gone wrong. Matt Brandon Erhart wrote:if those 'X's are "psuedo-random" characters, and they change each time, i'm pretty sure you're safe. Unless the file is important or gets overwritten while linked to an important file, nothing bad should happen (I think??).-Brandon At 09:35 AM 7/29/2002, Matthew Hannigan wrote:I found a program which removes a file named like /tmp/appXXXXXX. Seems to be a tmpnam attempt gone wrong. Does this make the system vulnerable? The program is run by root as often as not. Matt.
Current thread:
- removal of /tmp/appXXXXXX Matthew Hannigan (Jul 29)
- Re: removal of /tmp/appXXXXXX Brandon Erhart (Jul 29)
- Re: removal of /tmp/appXXXXXX Matthew Hannigan (Jul 29)
- Re: removal of /tmp/appXXXXXX Brandon Erhart (Jul 29)
- Re: removal of /tmp/appXXXXXX Matthew Hannigan (Jul 29)
- Re: removal of /tmp/appXXXXXX Brandon Erhart (Jul 29)