Disabling /tmp watch in RawHide
Stan Bubrouski
stan at ccs.neu.edu
Mon Nov 3 20:35:18 UTC 2003
Hey,
Over the last four years I have found and reported several
vulnerabilities in various apps that have use /tmp insecurely. A
great many of them were discovered by merely looking in /tmp
once a week or so at some of the files left behind.
By default you guys have tmpwatch turned on, and I think that in
RawHide and test builds this should be disabled so these kinds of
security bugs can be found easier before releases. Yes I know /tmp
can get messy with legitimate files (though most of the files left in
/tmp SHOULD NOT be there), however I think the benefits of disabling by
default on testing environments will get a great many more eyes spotting
general bugs with some program /tmp usage.
For instance I installed Fedora Core Test 3 release last weekend. I
turned off tmpwatch, and voila, without even trying I found 4 insecure
file uses between 3 packages. I did nothing to find these except ls
through my /tmp and then track down the offenders. I guess this is
probably something that will be debated, or shot down immediately, but
still I'm throwing it out there. Without tmpwatch people WILL notice
more insecure /tmp usage, even if by only the broken usages (i.e.
leaving the files behind). Any thoughts?
-sb
-------------- next part --------------
An embedded message was scrubbed...
From: Stan Bubrouski <bubrouski.s at neu.edu>
Subject: Disabling /tmp watch in RawHide
Date: Mon, 03 Nov 2003 13:59:16 -0500
Size: 1618
Url: http://lists.fedoraproject.org/pipermail/devel/attachments/20031103/835cb9c6/attachment-0002.mht
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.fedoraproject.org/pipermail/devel/attachments/20031103/835cb9c6/attachment-0002.bin
More information about the devel
mailing list