Rob MacGregor wrote: > On Jan 3, 2008 3:09 PM, Bowie Bailey <[EMAIL PROTECTED]> wrote: >> Then this may be something that could use some explanation. >> >> Exactly what temp dir setting are you referring to and why should it be >> changed? > > If the environment variable TMPDIR is defined then well behaved > programs will use that instead of /tmp (as mentioned in David's > initial post with this subject) for temporary files. > > Using this means that you break assumptions about temporary files > appearing in /tmp, which complicates an attackers life. >
The success of this requires a bit of serendipity as well. If for reasons of convenience the new TMPDIR is globally writeable then nothing has been accomplished which is why a global TMPDIR declaration is pointless. But then the original "exploit" requires a good amount of serendipity to succeed. dp _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
