Hey, * Teodor <mteo...@gmail.com> [2010-03-21 16:49]: > A local user could perform a symlink attack against /tmp/ddclient.cache file. > I see two solutions for this problem: > 1) use /var/run/ddclient.cache as the cache file (only root has access here) > 2) use `mktemp' to create a non-predictable temporary file. > > The first solution seem to be the best as it avoids the complexity of working > with non-predictable temporary files (create, find, update, close).
From what I see it is using /var/cache/ddclient/ddclient.cache. Can you elaborate why you think it's using /tmp/? Cheers Nico -- Nico Golde - http://www.ngolde.de - n...@jabber.ccc.de - GPG: 0xA0A0AAAA For security reasons, all text in this mail is double-rot13 encrypted.
pgpSXcGWgNI1r.pgp
Description: PGP signature
