Re: random PID patch

From: Pavel Machek (pavel@ucw.cz)
Date: Tue Nov 12 2002 - 12:42:08 EST


Hi!

> > Sometimes, (well; frequently) programs that create temporary
> > files let the filename depend on their PID. A hacker could use
> > that knowledge. So if you know that the application that
>
> Still can if it's random. The attacker can be the one who exec's the
> vulnerable app. The attacker can use dnotify
>
> > things it's not supposed to. Like forcing suid apps to create
> > a file in the startup-scripts dir. or something.
>
> Just use namespaces and give every login their own /tmp

Use namespaces? I thought export TMPDIR= was the solution ;-).

                                                        Pavel

-- 
When do you have heart between your knees?
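
The temporary-file pattern discussed in this thread, as an added example that is not part of the original message: it contrasts a PID-derived name opened without `O_EXCL` against exclusive creation and `mkstemp()`, all under `TMPDIR`. The function names, the `app` prefix and the scratch directory are assumptions made for illustration.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>
/* All names are hypothetical; "app" is a placeholder prefix. */
static void pid_name(char *p, size_t n) {
    const char *d = getenv("TMPDIR");      /* per-user directory, if set */
    snprintf(p, n, "%s/app.%ld", (d && *d) ? d : "/tmp", (long)getpid());
}

/* Pattern from the thread: PID-derived name, no O_EXCL; follows symlinks. */
int open_pid_named(char *p, size_t n) {
    pid_name(p, n);
    return open(p, O_WRONLY | O_CREAT | O_TRUNC, 0600);
}

/* Same name, exclusive creation: EEXIST if anything is already there. */
int open_pid_excl(char *p, size_t n) {
    pid_name(p, n);
    return open(p, O_WRONLY | O_CREAT | O_EXCL, 0600);
}

/* Runs in a private mkdtemp() directory. Result bits: 1 = plain open truncated
 * a file via a pre-existing symlink, 2 = O_EXCL refused, 4 = mkstemp() ok. */
int run_demo(void) {
    char dir[] = "/tmp/pidtmp.XXXXXX", victim[256], p[256], t[256];
    struct stat st; FILE *f;
    int r = 0, fd;
    if (!mkdtemp(dir) || setenv("TMPDIR", dir, 1)) return -1;
    snprintf(victim, sizeof victim, "%s/victim", dir);
    if (!(f = fopen(victim, "w"))) return -1;
    fputs("data", f); fclose(f);
    pid_name(p, sizeof p);
    if (symlink(victim, p)) return -1;     /* constructed pre-existing entry */
    fd = open_pid_named(p, sizeof p);
    if (fd >= 0 && !stat(victim, &st) && st.st_size == 0) r |= 1;
    if (fd >= 0) close(fd);
    if (open_pid_excl(p, sizeof p) < 0 && errno == EEXIST) r |= 2;
    snprintf(t, sizeof t, "%s/app.XXXXXX", dir);
    fd = mkstemp(t);
    if (fd >= 0 && !fstat(fd, &st) && (st.st_mode & 0777) == 0600) r |= 4;
    if (fd >= 0) close(fd);
    unlink(t); unlink(p); unlink(victim); rmdir(dir);
    return r;
}
int main(void) { printf("result bits: %d\n", run_demo()); return 0; }
```

The outcome does not depend on how the PID was chosen: the name only has to exist before the open, which is why exclusive creation is the fix rather than a less predictable PID.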