pam_tmpdir, etc
Matt Zimmerman
mdz at canonical.com
Thu Oct 28 23:20:18 CDT 2004
On Fri, Oct 29, 2004 at 01:36:59PM +1000, Martin Pool wrote:
> > One of the shortcomings of pam_tmpdir is that it won't have any effect on
> > programs which don't honor TMPDIR. Yes, those programs are arguably buggy,
> > but programs with temporary file vulnerabilities were already buggy. :-)
>
> Yes, that's true. It may be a smaller number of programs though, and
> to some extent this is a numbers game.
>
> The main thing is to resolve to do something about it, rather than
> just waiting for the next vulnerability to be discovered. Gentoo just
> fixed one in ed, for heaven's sake. Make the default safe.
An interesting example, because pam_tmpdir wouldn't have helped there. :-)
strcpy (sfn, "/tmp/ed.XXXXXX");
if (mktemp (sfn) == NULL || (sfp = fopen (sfn, "w+")) == NULL)
It's also been fixed in Debian for ages:
ed (0.2-19) unstable; urgency=high
* buf.c: argh; previous fix (in 97) was no fix at all. Really fix the
/tmp race by using tmpfile(3).
[...]
-- James Troup <james at nocrew.org> Mon, 27 Nov 2000 02:02:36 +0000
But as is the case with too many traditional programs, GNU ed hasn't had an
upstream release in a long time (10 years!), so this patch is reimplemented
in one vendor branch after another.
> (Ask yourself: what would djb do? :-)
If I let that answer guide me, we would be in trouble. :-P
--
- mdz
More information about the ubuntu-devel
mailing list