[Patches] Patch to make tempfile return random filenames
Andrew M. Kuchling
akuchlin@mems-exchange.org
Mon, 22 May 2000 09:42:46 -0400 (EDT)
Guido van Rossum writes:
>I have always assumed this is only really an issue with set-uid
>programs. If I write a simple script, why would it be vulnerable?
>(There's still the PID in the name too.)
It matters if the script is run by the root user, not necessarily if
it's setuid. I think one possible malicious attack is creating a
symlink to a file such as /etc/passwd; when the script runs, it opens
a temp. file, and overwrites /etc/passwd with junk. Periodically you
see advisories from places like Red Hat, fixing these tempfile
problems an admin script that root runs
I think it's worth fixing, but I'm not clear on what the safe way to
create a temp. file *is*. Has anyone written a clear guide to the
safe way to open tempfiles?
--=20
A.M. Kuchling=09=09=09http://starship.python.net/crew/amk/
It would take days to catalog your sins, Abb=E9. I simply don't have th=
e time.
-- Sebastian, in SEBASTIAN O #2