|Main Archive Page > Month Archives > clamav-users archives|
Rob MacGregor wrote:
> On Jan 3, 2008 4:09 PM, Dennis Peterson <firstname.lastname@example.org> wrote:
>> The success of this requires a bit of serendipity as well. If for reasons of >> convenience the new TMPDIR is globally writeable then nothing has been accomplished >> which is why a global TMPDIR declaration is pointless.
> Well, yes and no. Let's take the following case:
> 1) You're using software which creates then executes a temporary file
> as .progname.day-of-month
> 2) The attacker knows this and has a remote attack to populate this
> file in /tmp to give themselves root access
> 3) You've globally defined TMPDIR to be /tmp/42/
> 4) Attack fails
> Ok, it doesn't help against a local attacker (and then you're in
> trouble anyway), but against any remote attack making assumptions
> about the location of temporary files it has some value.
> Besides, I made no statement about global declarations ;)
If 2) is true then 1), 3), and 4) are irrelevant.