Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: Notesfiles $Revision: 1.7.0.8 $; site uiucdcs
Path: utzoo!watmath!clyde!cbosgd!ihnp4!inuxc!pur-ee!uiucdcs!acheng
From: acheng@uiucdcs.CS.UIUC.EDU
Newsgroups: net.unix-wizards
Subject: Re: Another reason why - really /tm
Message-ID: <13700108@uiucdcs>
Date: Wed, 25-Sep-85 11:40:00 EDT
Article-I.D.: uiucdcs.13700108
Posted: Wed Sep 25 11:40:00 1985
Date-Received: Sat, 28-Sep-85 04:58:44 EDT
References: <2279@sunybcs.UUCP>
Lines: 31
Nf-ID: #R:sunybcs.UUCP:-227900:uiucdcs:13700108:000:1405
Nf-From: uiucdcs.CS.UIUC.EDU!acheng Sep 25 10:40:00 1985

>/* Written 2:50 pm Sep 20, 1985 by loverso@sunybcs.UUCP in uiucdcs:net.unix-wizar */
>/* ---------- "Re: Another reason why - really /tm" ---------- */
>From: peter@rlgvax.UUCP (Peter Klosky) 16 Sep 85 <764@rlgvax.UUCP>
>> > For security make your /tmp file 0600 mode.
>>
>> /tmp is world writeable. This means that anyone can unlink tmp files.
>> In particular, my application wants to pass state data from a child
>> process to a parent process via a tmp file that the child creates,
>> and there are windows of vulnerability in this scheme, due to the unlink
>> trouble.
>
>Easy. Have your application make a subdirectory in /tmp, and then place
>a file within that subdir. As long as your subdirectory is not world
>writeable, you can place tmp files there w/o having a window of vulnerability.
>
>I also changed /etc/rc to clear /tmp with an rm -r
>

The "rm -r" may remove the lost+found directory in /tmp. That may cause
trouble when fsck needs it. But then, one may say /tmp is for scratch and
no big deal if files get lost there. Well...
----------------------------------------------------------------------
Albert Cheng
acheng@UIUC.ARPA acheng@UIUC.CSNET {ihnp4,pur-ee}!uiucdcs!acheng
Dept. of Computer Science, Univ. of Illinois-Urbana,
Rm. 240, 1304 W. Springfield, Urbana, IL 61801

%%% The above is the opinion of my own %%%
%%% and not necessarily that of the management. %%%
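
The private-subdirectory approach from the quoted reply, as an added example that is not part of the original thread: a child passes state to its parent through a file inside a /tmp subdirectory that only the owner can write. The function name, the `state.XXXXXX` template and the `state` file name are hypothetical, and `mkdtemp()` and `O_NOFOLLOW` are present-day POSIX interfaces assumed to be available.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/wait.h>
#include <unistd.h>

/* Child writes msg to a file in a private /tmp subdirectory; parent reads it
 * into out (truncated to outlen-1). Returns 0 on success, -1 on error. */
int pass_state_via_private_tmp(const char *msg, char *out, size_t outlen)
{
    char dir[] = "/tmp/state.XXXXXX", path[64];  /* hypothetical template */
    struct stat st;
    int rc = -1, status;

    if (outlen == 0 || mkdtemp(dir) == NULL)  /* mkdtemp creates it mode 0700 */
        return -1;
    snprintf(path, sizeof path, "%s/state", dir);
    pid_t pid = fork();
    if (pid == 0) {                     /* child: create the file, write state */
        int fd = open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
        if (fd < 0) _exit(1);
        ssize_t n = write(fd, msg, strlen(msg));
        _exit(n == (ssize_t)strlen(msg) && close(fd) == 0 ? 0 : 1);
    }
    if (pid > 0 && waitpid(pid, &status, 0) == pid &&
        WIFEXITED(status) && WEXITSTATUS(status) == 0 &&
        /* parent: directory must still be ours and closed to group/other */
        lstat(dir, &st) == 0 && S_ISDIR(st.st_mode) &&
        st.st_uid == geteuid() && (st.st_mode & 077) == 0) {
        int fd = open(path, O_RDONLY | O_NOFOLLOW);
        if (fd >= 0) {
            ssize_t n = read(fd, out, outlen - 1);
            if (n >= 0) { out[n] = '\0'; rc = 0; }
            close(fd);
        }
    }
    unlink(path);                       /* remove the file, then the directory */
    rmdir(dir);
    return rc;
}

int main(void)
{
    char buf[64];
    if (pass_state_via_private_tmp("child-state: 42", buf, sizeof buf) != 0) return 1;
    return printf("parent read: %s\n", buf) < 0;
}
```

Because other users have no write permission on the subdirectory, they cannot unlink or replace the file between the child's write and the parent's read, which is the window the quoted poster describes for files placed directly in /tmp.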