> I don't know if it is "normal", but I always do a
> chmod 1777 /tmp

This is the default permission ...

> Would that address the security concern? Or is "world readable" the main
> concern? I really HATE 777 and will generally not allow it unless forced
> into it by some weird requirement.

The problem is actually the predictable file name in a world-writable directory. An attacker could create a symlink with the name "strip.pid" (a pid is actually pretty easy to predict, and you can always create as many symlinks as you want) pointing to one of your files and when launching the command you would overwrite the file. It is really a disaster if root runs this command.

Guillaume

--
Guillaume Morin <[EMAIL PROTECTED]>
IBM Poughkeepsie SAK Kernel Development
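The overwrite described in the message above, reproduced inside a private sandbox directory next to the same write done through `mktemp`. This is an added example, not part of the original message; the sandbox layout, file contents and function names are constructed for illustration.

```shell
#!/bin/sh
# Constructed demo. "$sandbox/tmp" stands in for a world-writable /tmp and
# "$sandbox/victim" for a file the invoking user is able to overwrite.

# Unsafe pattern: predictable name built from the PID. A plain ">" opens
# whatever already sits at that path, following a symlink if one is there.
write_predictable() {   # $1 = directory, $2 = data
    printf '%s\n' "$2" > "$1/strip.$$"
}

# Safer pattern: mktemp picks an unpredictable name and creates the file
# exclusively (mode 0600), so it never reuses a path that already exists.
write_mktemp() {        # $1 = directory, $2 = data; prints the path used
    tmp=$(mktemp "$1/strip.XXXXXXXXXX") || return 1
    printf '%s\n' "$2" > "$tmp"
    printf '%s\n' "$tmp"
}

# Plant a symlink under the predictable name, run one writer function,
# then print what the victim file contains afterwards.
run_case() {            # $1 = name of the writer function to exercise
    sandbox=$(mktemp -d) || return 1
    mkdir "$sandbox/tmp"
    printf 'important\n' > "$sandbox/victim"
    # Stand-in for a link another local user created before the command ran.
    ln -s "$sandbox/victim" "$sandbox/tmp/strip.$$"
    "$1" "$sandbox/tmp" 'scratch data' > /dev/null
    cat "$sandbox/victim"
    rm -rf "$sandbox"
}

echo "predictable name: victim contains '$(run_case write_predictable)'"
echo "mktemp:           victim contains '$(run_case write_mktemp)'"
```

The sticky bit set by `chmod 1777` only stops users from deleting or renaming each other's entries in the directory; it does not change what a write through a pre-existing name does, which is why the first case still clobbers the victim file.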
