Issues with /tmp/mc-$USER directory
BARTHAZI Andras
andras at barthazi.hu
Thu Dec 26 06:43:24 UTC 2002
Hi!
I am not really a security expert, so just my opinion. :)
> 1) Check that /tmp/mc-$USER is ours. I think if I do stat()
> and it says that I'm the owner, no adversary will be able to
> replace the directory. If /tmp/mc-$USER is ours, set proper
> permissions (700) on it if necessary and use it. Note that
> the files inside that directory still have random names.
>
> 2) If that fails, warn the user and create a directory under
> /tmp with a random name e.g. /tmp/mc-$USER-$RANDOM. If that
> works, schedule the directory for removal using g_atexit
> (portable atexit from glib) and use the directory.
Why don't you skip the first step, and just do the second? :) Easier to
implement just one version, less code -> less bugs and "more safe" (?).
Just another question: what happens if there's no /tmp directory (I
don't know of an OS like this)? I mean if the distribution uses, for
example, the name /temp. I don't know if mc has to care about it.
Bye,
Andras
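
The two-step scheme quoted in the message above, written out in C as an added example; it is not part of the original post or of mc's code. The function names are hypothetical, lstat() is used in place of the stat() mentioned in the quote, mkdtemp() supplies the random name, and the g_atexit cleanup is left out.

```c
#define _XOPEN_SOURCE 700
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Added example; dir_is_ours and private_tmpdir are hypothetical names. */

/* Step 1: return 0 if `path` is a real directory owned by us, with its
 * mode tightened to 0700 where needed; return -1 otherwise. */
static int dir_is_ours(const char *path)
{
    struct stat st;

    /* Create it if it is missing; an existing entry is examined below. */
    if (mkdir(path, 0700) != 0 && errno != EEXIST)
        return -1;
    /* lstat, not stat: a symlink placed under this name is not followed. */
    if (lstat(path, &st) != 0)
        return -1;
    if (!S_ISDIR(st.st_mode) || st.st_uid != geteuid())
        return -1;
    if ((st.st_mode & 07777) != 0700 && chmod(path, 0700) != 0)
        return -1;
    return 0;
}

/* Fills `out` with the path of a private directory under `tmp`.
 * Returns 0 if <tmp>/mc-<user> was usable, 1 if the random-name
 * fallback of step 2 was taken, -1 on failure. */
int private_tmpdir(const char *tmp, const char *user, char *out, size_t len)
{
    int n = snprintf(out, len, "%s/mc-%s", tmp, user);
    if (n < 0 || (size_t) n >= len)
        return -1;
    if (dir_is_ours(out) == 0)
        return 0;

    /* Step 2: warn, then let mkdtemp choose the name and create the
     * directory in one atomic step with mode 0700. */
    fprintf(stderr, "Warning: cannot use %s, using a random name\n", out);
    n = snprintf(out, len, "%s/mc-%s-XXXXXX", tmp, user);
    if (n < 0 || (size_t) n >= len)
        return -1;
    return mkdtemp(out) != NULL ? 1 : -1;
}
```

Passing the temporary directory as a parameter also covers the /temp question: the caller decides where the base directory is, and the checks stay the same.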