On Thu, 26 Dec 2002, Nerijus Baliunas wrote: > On Thu, 26 Dec 2002 01:44:53 +0100 (CET) Koblinger Egmont <[EMAIL PROTECTED]> wrote: > > > Using fix file names under /tmp is impossible without risking security. > > You can use fix file names under your home, or a unique non-existant > > filename under /tmp. > > But why then I have .ICE-unix, .X11-unix, .wine-nerijus, kde-nerijus, > orbit-nerijus directories and .X0-lock, =xmms_nerijus.0, etc files in /tmp? > Does it mean all these projects do something wrong?
Of course not. Sticky bit on directories prevents other users from replacing your files. Opening files with O_EXCL prevents symlink attacks. Using fixed filenames with sufficient precautions on modern OSes with proper permissions on /tmp can be made safe, in my opinion (but I'm not a security expert). The problem with mc is that it doesn't take sufficient precautions. I assumed that chmod() in mc_tmpdir() would fail if the directory belongs to someone else. The test shows that it's not the case. I don't think it's easy to exploit, since the filenames are random, but it's better to be on the safe side. -- Regards, Pavel Roskin _______________________________________________ Mc-devel mailing list [EMAIL PROTECTED] http://mail.gnome.org/mailman/listinfo/mc-devel