On Tue, 26 Oct 2004, Bruno Haible wrote: > Thomas Dickey wrote: > > > is to make filename sit in a temporary directory under /tmp, not directly > > > in /tmp ? > > > > For the truly paranoid, even that is not sufficient. > > Why? The creation of the temp directory cannot erase a file, and once the > directory is created with mode 077, an attacker cannot place a symlink into > it. What kind of attack is still possible with a temp directory with mode 077? > Can you please explain? On some systems (none recent), I recall that you could still rename the directory (and put a link to your favorite location). -- Thomas E. Dickey http://invisible-island.net ftp://invisible-island.net _______________________________________________ Autoconf mailing list Autoconf@xxxxxxx http://lists.gnu.org/mailman/listinfo/autoconf
