[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Symlink vulnerabilities

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: Re: [Full-disclosure] Symlink vulnerabilities
From: Leon Kaiser <literalka@xxxxxxxxx>
Date: Sat, 22 Oct 2011 15:13:31 -0600

May I ask what the grep(1) pattern was?
-- 
========================================================
Leon Kaiser      - Head of GNAA Public Relations -
        literalka@xxxxxxx || literalka@xxxxxxxxx
       http://gnaa.eu || http://security.goatse.fr
      7BEECD8D FCBED526 F7960173 459111CE F01F9923
"The mask of anonymity is not intensely constructive."
       -- Andrew "weev" Auernheimer
======================================================== 

On Sat, 2011-10-22 at 07:54 -0400, bugs@xxxxxxxxxxx wrote:

> I apologize as my search wasn't a complex method, just a quick grep for
> signs of /tmp misuse. Indeed creating a directory under /tmp is a safeway
> to handle tmp files.
> 
> > bugs@xxxxxxxxxxx wrote:
> >>
> >> bashbug:
> >>
> >> /usr/bin/bashbug:TEMPDIR=$TMPDIR/bbug.$$
> >>
> >> Maybe I should use bashbug to report a bug in bashbug?
> >>
> >
> > I took a quick look, it's actually using mkdir to create a temporary
> > directory in /tmp, which it uses for collecting support files.
> >
> > This is actually a safe way to use /tmp, assuming you check the return
> > code
> > of mkdir (which it does). The mkdir() system call behaves very differently
> > to open(), and is not vulnerable to these attacks.
> >
> > Tavis.
> >
> > --
> > -------------------------------------
> > taviso@xxxxxxxxxxxxx | pgp encrypted mail preferred
> > -------------------------------------------------------
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/
> >
> 
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] Symlink vulnerabilities
  - From: bugs

References:
- [Full-disclosure] Symlink vulnerabilities
  - From: bugs
- Re: [Full-disclosure] Symlink vulnerabilities
  - From: Tavis Ormandy
- Re: [Full-disclosure] Symlink vulnerabilities
  - From: bugs

Prev by Date: [Full-disclosure] R: Re: Symlink vulnerabilities
Next by Date: [Full-disclosure] [noise]
Previous by thread: Re: [Full-disclosure] Symlink vulnerabilities
Next by thread: Re: [Full-disclosure] Symlink vulnerabilities
Index(es):
- Date
- Thread