On Mon, Jan 01, 2007 at 09:39:14AM -0800, Jeff Lasman wrote:
> Happy New Year!
> 
> On a forum I read someone has suggested chmodding everything in /tmp as 
> 0000 to protect from hackers.
> 
> In my understanding, then no one (not even the owner) can read the 
> files.
> 
> Can this possibly work without breaking a lot of services and programs 
> that use /tmp?

Heh, April's still 3 months away!

/tmp can be used for malicious purposes because any user can create
files in it. For example, a punk^Wcurious student could write a script
named "su" which takes your input and then emails it to some server in
Nigeria. If you happen to have "." in your $PATH, *and* you happen to
be in /tmp/ when you try to run su, then you're in trouble.

Note that although /tmp has "liberal" permissions set (read, write,
execute for all users), it also has the sticky bit set, so a user can
only modify files in /tmp if they belong to him. A 777 directory is
pretty much open to anything otherwise (any user can read/modify/delete
any other user's files).

Executive Summary: Don't do it! You'll anger your computer!


Happy New Year!
-Nile

PS: Keep the local directory out of your $PATH. If you're really too
lazy to type "./executable", then at least make sure it's at the very
*end* of your path.

-- 
 .''`. | This Sig Kills Fascists!
: :' : |  http://deadbox.ath.cx
`. `'
  `-
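
A defender-side check for the two points in the reply above, added here as an example and not part of the original message: it flags `$PATH` entries that make the shell search the current directory and classifies a directory's mode to confirm that /tmp carries the sticky bit. The function names `path_cwd_entries` and `dir_mode_class` are made up for this example, and treating empty and relative `$PATH` entries the same as "." goes beyond the single case the mail mentions.

```shell
#!/bin/sh
# Added example: audit a PATH string and a directory's mode bits.

# Print "N:reason" for each PATH entry that makes the shell search the current
# directory: ".", an empty entry (leading, trailing or doubled colon), or any
# other relative path. N is the 1-based position of the entry.
path_cwd_entries() {
    rest="$1:"          # extra colon so a trailing empty entry is still seen
    i=0
    while [ -n "$rest" ]; do
        entry=${rest%%:*}
        rest=${rest#*:}
        i=$((i + 1))
        case $entry in
            '') echo "$i:empty" ;;
            .)  echo "$i:dot" ;;
            /*) ;;                       # absolute path, not cwd-dependent
            *)  echo "$i:relative" ;;
        esac
    done
}

# Classify a directory from its ls mode string:
#   sticky  = world-writable with the sticky bit (how /tmp should look, 1777)
#   open    = world-writable without it (users can delete each other's files)
#   private = not world-writable
dir_mode_class() {
    mode=$(ls -ld -- "$1" 2>/dev/null | cut -c1-10)
    case $mode in
        d???????w[tT]) echo sticky ;;
        d???????w?)    echo open ;;
        d?????????)    echo private ;;
        *)             echo unknown; return 1 ;;
    esac
}

# Report on the live environment when run directly.
echo "PATH entries that search the current directory:"
path_cwd_entries "$PATH"
echo "/tmp is: $(dir_mode_class /tmp || true)"
```
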