David F. Skoll wrote:
> Bowie Bailey wrote:
>
>> Then this may be something that could use some explanation.
>
>> Exactly what temp dir setting are you referring to and why should it be
>> changed?
>
> Many (but not all) UNIX programs respect an environment variable
> called TMPDIR that specifies a directory in which to place temporary
> files. This lets you place temporary files in a non-world-writable
> directory. World-writable temporary directories are problematic because
> attackers can precreate symlinks in them and trick unwary programs into
> overwriting important files.

Just to expand the conversation: The clamd.conf file also offers a tmpdir option. I'm using a directory created specifically for, owned and set ro by the clamav user. The clamscan program requires you set this at the command line.

Setting a system-wide TMPDIR is probably a bad idea - or at least will not likely correct the problem. It needs to be done on a case-by-case basis using shell wrappers, which is why it is seldom done.

The default of /tmp is nice because it is also often a RAM-based pseudo drive and so faster, but also vulnerable to broken processes that have the potential to leave multiple blobs there but has also provided for tempfile games.

dp
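
The per-program shell wrapper mentioned above, as an added example that is not part of the original message or of ClamAV: it refuses to run a command unless the chosen temporary directory is a real directory (not a symlink), owned by the invoking user, and not group- or world-writable. The function names and the path in the usage comment are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: run one program with a private TMPDIR instead of /tmp.

# check_private_dir DIR
# Succeeds only if DIR is a directory, is not a symlink, is owned by the
# invoking user, and has neither the group-write nor the other-write bit set.
check_private_dir() {
    cpd_dir=$1
    [ -L "$cpd_dir" ] && return 1          # a symlink could point anywhere
    [ -d "$cpd_dir" ] || return 1
    cpd_ls=$(ls -ldn "$cpd_dir") || return 1
    cpd_mode=$(printf '%s\n' "$cpd_ls" | cut -c1-10)
    cpd_uid=$(printf '%s\n' "$cpd_ls" | awk '{print $3}')
    [ "$cpd_uid" = "$(id -u)" ] || return 1
    case $cpd_mode in
        d????-??-?) return 0 ;;            # chars 6 and 9: no g+w, no o+w
        *)          return 1 ;;
    esac
}

# run_with_private_tmp DIR CMD [ARGS...]
# Runs CMD with TMPDIR set to DIR, but only after DIR passes the check.
run_with_private_tmp() {
    rwp_dir=$1
    shift
    if ! check_private_dir "$rwp_dir"; then
        echo "refusing to use unsafe temp dir: $rwp_dir" >&2
        return 1
    fi
    env TMPDIR="$rwp_dir" "$@"
}

# Usage (hypothetical path; clamscan takes its temp dir on the command line):
#   run_with_private_tmp /var/lib/clamav/tmp \
#       clamscan --tempdir=/var/lib/clamav/tmp -r /home
```

The check and the later use of the directory are separate steps, so the wrapper is only sound when no other user can write to the directory's parent and swap it out in between.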