Hi Sven,
ok trying again in a friendly way.

* Sven Dowideit <[EMAIL PROTECTED]> [2007-10-23 15:10]:
> mmm, following the link makes me even less convinced that there is a
> problem.
>
> the working/tmp dir is used for rcs tmp files, and twiki session files,
> both of which use randomised unique filenames.
>
> as the Wikipedia page suggests that the problem is avoided by using
> randomised filenames, we seem to be done?

Yes, that is true; however, I never read TWiki's source code, so I just said
that if this is just used for temporary files, this would introduce a
symlink attack. Of course this is not the case if the names are really
random. I am sorry, since I assumed you know what a symlink attack is and
state whether this is the case or not. So if the names are random (and not
like adding a process id to them) there is no problem with this attack.

However, there is also another problem, since server installations often use
partitions, and having a user-controllable directory under /var would end up
enabling every user to fill the /var partition and thus cause a denial of
service for every other daemon running on the system, because they are not
able to write log files anymore.

> Nico, If I were ignoring what you wrote, I would not be replying.

Well, that's unclear to me and really one of the reasons why I was so pissed,
since you for example wrote that there is no web content stored in this
directory while I never wrote that there is... Anyway, let's forget this.

> I have
> unfortunately found nothing so far to make me understand that there in
> fact is a problem. Every extra detail you guys are giving me, is
> reinforcing this opinion

Please consider the second situation I wrote above.

> As Holger points out, I am a part time packager (over debian, osx,
> windows, rpm, and soon to be Solaris and maybe a few more), so I'm
> looking to understand, not just to blindly agree to whatever you say. ;)

That was never my intention, the opposite was the case. I saw that this is
world-read-writable, didn't read TWiki's code, saw no intention to have 777
there, that's why I asked "Why is setting the rights to 777 done here?".
So I hoped that you are able to judge if this is the case here, but I wanted
to avoid blindly uploading this.

Kind regards
Nico

P.S. There is really nothing personal with you, it looks like a bad example
for a communication problem here.

-- 
Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
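
Added example, not part of the original mail and not TWiki's code: the distinction drawn in the message between a guessable temporary file name (fixed prefix plus process id) and a randomised one, shown next to exclusive creation as a further safeguard. The names rcs_tmp.4242, working_tmp and other_file are constructed for the illustration, and everything runs inside a throwaway sandbox directory.

```python
import os
import tempfile

NAME = "rcs_tmp.4242"  # constructed: fixed prefix + process id, i.e. guessable

def naive_write(directory, data):
    """Guessable name and a plain open(): follows whatever is already there."""
    with open(os.path.join(directory, NAME), "w") as fh:
        fh.write(data)

def exclusive_write(directory, data):
    """Same name, but O_EXCL|O_NOFOLLOW refuses any pre-existing entry."""
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | os.O_NOFOLLOW
    fd = os.open(os.path.join(directory, NAME), flags, 0o600)
    with os.fdopen(fd, "w") as fh:
        fh.write(data)

def random_write(directory, data):
    """mkstemp(): unpredictable name, created exclusively with mode 0600."""
    fd, path = tempfile.mkstemp(prefix="rcs_tmp.", dir=directory)
    with os.fdopen(fd, "w") as fh:
        fh.write(data)
    return path

def demo():
    """Run the three variants in a throwaway sandbox and report the outcome."""
    with tempfile.TemporaryDirectory() as sandbox:
        shared = os.path.join(sandbox, "working_tmp")  # stands in for the 777 dir
        os.mkdir(shared)
        target = os.path.join(sandbox, "other_file")   # file owned by someone else
        def reset():
            with open(target, "w") as fh:
                fh.write("original")
        def intact():
            with open(target) as fh:
                return fh.read() == "original"
        reset()
        os.symlink(target, os.path.join(shared, NAME))  # constructed precondition
        naive_write(shared, "tmp data")
        naive_clobbered = not intact()
        reset()
        try:
            exclusive_write(shared, "tmp data")
            refused = False
        except FileExistsError:
            refused = True
        path = random_write(shared, "tmp data")
        return {"naive_clobbered": naive_clobbered, "exclusive_refused": refused,
                "target_intact": intact(), "random_is_regular": not os.path.islink(path)}
```

None of the three variants changes the second point raised in the mail: a world-writable directory under /var still lets any user fill that partition.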