[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: backup method

From: Han Boetes
Subject: Re: backup method
Date: Thu, 3 Feb 2005 11:15:36 +0100
User-agent: Mutt/1.5.6i

David Kastrup wrote:
> The permissions in world-writable temp directories are almost
> always 1777 which means that nobody but the owner can delete
> such a file. Symlink attacks are only possible when the file
> name can be guessed by an outside attacker _before_ the file is
> created.

Just a few thoughts.

Perhaps it's an idea to add a function at the C-level that uses

Since creating a tmp-file with a random name and then moving it to
the proper name is not expensive I see no reason simply do that
for all files.

The mktemp(1) manpage explains very well how normal programs can
create secure files in world-writable dirs.

# Han

reply via email to

[Prev in Thread] Current Thread [Next in Thread]