I just wanted to bring this to that attention of those who care... Because there were quite a few insecure temp file creation reports a while ago, perhaps some of us should use this tool to find more ASAP.
It was in the fresh meat mailing list: ------------------------------------------------------------ [012] - Eliott 1.0 (Stable) by j (http://freshmeat.net/users/frankdenis/) Monday, February 5th 2001 16:51 Eliott is a tool to help system administrators and programmers discover insecure temporary file creation, even in closed-source applications. It watches a directory for file creation/deletion/writes using the dnotify facility of Linux 2.4.x . Every change is logged, even temporary files with a very short lifetime. In addition to logging, Eliott can simulate hard-link exploits in order to find and report vulnerable applications. License: GNU General Public License (GPL) URL: http://freshmeat.net/projects/eliott/ ------------------------------------------------------------ GBY
