[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: creating backups in temporary directories
|
From: |
Andreas Schwab |
|
Subject: |
Re: creating backups in temporary directories |
|
Date: |
Sun, 09 Sep 2007 22:27:30 +0200 |
|
User-agent: |
Gnus/5.110006 (No Gnus v0.6) Emacs/22.1 (gnu/linux) |
David Kastrup <address@hidden> writes:
> Stefan Monnier <address@hidden> writes:
>
>> In a directory with mode 777, that's true: everything is dangerous.
>> But in a directory with mode 1777 when you open a file that *you* own,
>> nobody else can remove it or rename it, so normally nobody can replace it
>> with a symlink. Emacs creates the problem when it moves /tmp/foo to
>> /tmp/foo~ at which point /tmp/foo is free for an attacker to take.
>
> Well, the alternative is to make a hard link of /tmp/foo to /tmp/foo~,
> then creat /tmp/foo over it and fill it with contents without
> reopening.
>
> That should close the time window for an attack.
You have to unlink the file first, so the window remains.
Andreas.
--
Andreas Schwab, SuSE Labs, address@hidden
SuSE Linux Products GmbH, Maxfeldstraße 5, 90409 Nürnberg, Germany
PGP key fingerprint = 58CA 54C7 6D53 942B 1756 01D3 44D5 214B 8276 4ED5
"And now for something completely different."
- creating backups in temporary directories, Chris Moore, 2007/09/07
- Re: creating backups in temporary directories, David Kastrup, 2007/09/07
- Re: creating backups in temporary directories, Stefan Monnier, 2007/09/07
- Re: creating backups in temporary directories, Stefan Monnier, 2007/09/07
- Re: creating backups in temporary directories, Richard Stallman, 2007/09/08
- Re: creating backups in temporary directories, Stefan Monnier, 2007/09/09
- Re: creating backups in temporary directories, David Kastrup, 2007/09/09
- Re: creating backups in temporary directories,
Andreas Schwab <=
- Re: creating backups in temporary directories, David Kastrup, 2007/09/09
- Re: creating backups in temporary directories, Davis Herring, 2007/09/10
- Re: creating backups in temporary directories, David Kastrup, 2007/09/10
- Message not available
- Re: creating backups in temporary directories, Davis Herring, 2007/09/10
- Re: creating backups in temporary directories, Richard Stallman, 2007/09/11
- Re: creating backups in temporary directories, Davis Herring, 2007/09/11
- Re: creating backups in temporary directories, Richard Stallman, 2007/09/09
- Re: creating backups in temporary directories, Stefan Monnier, 2007/09/09
- Re: creating backups in temporary directories, Davis Herring, 2007/09/07
- Re: creating backups in temporary directories, Chris Moore, 2007/09/08