[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Security vulnerability in automake
|
From: |
Lars Hecking |
|
Subject: |
Re: Security vulnerability in automake |
|
Date: |
Sun, 2 Jun 2002 18:02:51 +0100 |
|
User-agent: |
Mutt/1.5.1i |
Lawrence Teo writes:
> I was learning Automake last night, and I think I found a security
> vulnerability. I'm not sure if this is already known, but I couldn't
> find it on Bugtraq. The security vulnerability is the insecure
> creation of temporary files in the config.guess script which leads
> to a race condition.
The config.* files are maintained separately from automake AFAIK.
> In the config.guess script, there's a line that says:
[standard temp file symlink attack]
> My recommendations are:
>
> 1. Check if the dummy file exists. If it does, append a number to
> it. If that still exists, keep changing that number until we
> come up with a filename that does not already exist (this is
> similar to mutt's temporary files /tmp/mutt-HOSTNAME-PID-SOMENUM);
> or
>
> 2. Use a random hash value instead of the process ID ($$), which
> would be the preferred alternative. However, I don't know how
> feasible it is to do this in a simple, portable way that's
> consistent with Automake.
I believe a better way would be to create the temp files in a newly
created chmod 700'd directory under /tmp. Maybe combined with 2.