On Sun, May 24, 2009 at 7:57 PM, Greg Guerin glgue...@amug.org wrote:
Michael Ash wrote:
Malevolent process C fails.
Or maybe malevolent process C works because it's running with the same uid
as unprivileged process A. The sticky-bit on a directory only prevents one
uid from interfering
On 25 May 2009, at 20:23, Michael Ash wrote:
On Sun, May 24, 2009 at 7:57 PM, Greg Guerin glgue...@amug.org
wrote:
Michael Ash wrote:
Malevolent process C fails.
Or maybe malevolent process C works because it's running with the
same uid
as unprivileged process A. The sticky-bit on a
On Mon, May 25, 2009 at 3:50 PM, Jeremy Pereira a...@jeremyp.net wrote:
On 25 May 2009, at 20:23, Michael Ash wrote:
On Sun, May 24, 2009 at 7:57 PM, Greg Guerin glgue...@amug.org wrote:
Michael Ash wrote:
Malevolent process C fails.
Or maybe malevolent process C works because it's
On Mon, May 25, 2009 at 3:08 PM, Michael Ash michael@gmail.com wrote:
Not at all. It doesn't change my point one whit. If A can command the
privileged process to do something nasty, then C can do it too.
(Possibly by breaking into A by one of the many mechanisms available
and forcing it to
On Mon, May 25, 2009 at 6:18 PM, Kyle Sluder kyle.slu...@gmail.com wrote:
On Mon, May 25, 2009 at 3:08 PM, Michael Ash michael@gmail.com wrote:
Not at all. It doesn't change my point one whit. If A can command the
privileged process to do something nasty, then C can do it too.
(Possibly by
On May 25, 2009, at 6:52 PM, Michael Ash wrote:
The authentication stuff is pertinent, because the AEWP is an example
of an API which works by having an unprivileged user process
communicate with a privileged process that does the work. A technique
which allows you to compromise a process which
It does? Last I checked, AEWP() used a temp file on disk to pass its
AuthorizationRef to the child process. Pipes, anyone?
Hah. I wonder what temp directory it uses?
___
Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)
Please do not post admin
On Mon, May 25, 2009 at 7:12 PM, Gwynne Raskind gwy...@darkrainfall.org wrote:
On May 25, 2009, at 6:52 PM, Michael Ash wrote:
The authentication stuff is pertinent, because the AEWP is an example
of an API which works by having an unprivileged user process
communicate with a privileged
I use /tmp. Works great for me - I use it to save temporary files that
another privileged process then moves to a permanent location. Launchd
uses it too, along with a host of other things.
But yeah, where you put your temporary files really depends on the
context and who needs to see the them.
Richard Frith-Macdonald wrote:
What you want is user specific and application specific I presume
(ie you want to store the data your your application, and for the
person who is running the application). I guess it's not really
temporary (or you wouldn't need a fixed path), but is actually
On Sun, May 24, 2009 at 5:58 AM, Dave Keck davek...@gmail.com wrote:
I use /tmp. Works great for me - I use it to save temporary files that
another privileged process then moves to a permanent location. Launchd
uses it too, along with a host of other things.
Please don't just toss things in
On Sun, May 24, 2009 at 9:52 AM, Kyle Sluder kyle.slu...@gmail.com wrote:
If you *must* use /tmp for some reason (not linking
against Foundation, etc.) use FSFindFolder.
Sorry, wasn't clear here. I meant If you can't use
NSTemporaryDirectory, not If you *must* use /tmp.
--Kyle Sluder
1. Non-privileged process A running as user Alice creates a file
called /tmp/ipc.
2. A signals to privileged process B, running as root, that the file exists.
3. Malevolent process C, running as user Eve, notices the file,
unlinks it (which it can do due to the permissions on /tmp) and
On Sun, May 24, 2009 at 11:28 AM, Dave Keck davek...@gmail.com wrote:
I debated whether I should mention my technique thinking someone might
bring up this precise vulnerability. :)
It is possible to use /tmp safely, but you have to be very careful.
Just like when doing anything sensitive on the
On Sun, May 24, 2009 at 12:52 PM, Kyle Sluder kyle.slu...@gmail.com wrote:
1. Non-privileged process A running as user Alice creates a file
called /tmp/ipc.
2. A signals to privileged process B, running as root, that the file exists.
3. Malevolent process C, running as user Eve, notices the
Michael Ash wrote:
Malevolent process C fails.
Or maybe malevolent process C works because it's running with the
same uid as unprivileged process A. The sticky-bit on a directory
only prevents one uid from interfering with another uid's files. It
has no effect if the uids of the
Hi,
NSTemporaryDirectory(), returns something like /var/temp/we/weOIDM
+mck
Whereas I want to store files at a place with a fixed path.
So where should I save temp files? and how can I get that path
programatically everytime?
Thanks,
Nick
On 23 May 2009, at 12:43, Nick Rogers wrote:
Hi,
NSTemporaryDirectory(), returns something like /var/temp/we/weOIDM
+mck
Whereas I want to store files at a place with a fixed path.
So where should I save temp files? and how can I get that path
programatically everytime?
Use
On 23 May 2009, at 11:43, Nick Rogers wrote:
Hi,
NSTemporaryDirectory(), returns something like /var/temp/we/weOIDM
+mck
Whereas I want to store files at a place with a fixed path.
So where should I save temp files? and how can I get that path
programatically everytime?
What
19 matches
Mail list logo