Date: Fri, 26 Jun 1998 16:52:41 -0400
From: Douglas Lee Schales <schales@WATSON.IBM.COM>
To: BUGTRAQ@NETSPACE.ORG
Subject: Re: vulnerability in satan, cops & tiger
In reply to your message dated: Fri, 26 Jun 1998 09:24:17 +0200
>Tiger v2.2.3
>
>the $WORKDIR of tiger 2.2.3 is set to /tmp and many
>temporary files are being written there (it would exeed
>all limits to mention all the lines) ...
>to prevent the raceconditions, $TIGER_HOME/tmp should be created by
>default and $WORKDIR in the config file set to it.
>See below for a patch.
I had seen the patch via the current maintainer of Tiger, and
had told them not to issue it. This is not the best approach
as many people run Tiger off of R/O floppy diskettes, and this
won't work in that situation.
As an interim solution, the user should create a scratch directory
specifically for Tiger, R/W only by root (there is no reason for
anyone else to be able to read the directory). Set WORKDIR to point
to this directory. `/var/spool/tiger' would probably be reasonable.
I've not decided on an "automated" solution that is acceptable,
thus the lack of a patch.
>closing remarks: I was shocked when I found these bugs. These security tools
>have been around since years - and yet nobody had checked this ??
>If this is a reflection of our security consciousness, well, we are in big
>trouble since a long time and things are not getting better (especially with
>M$ around)
Perhaps these tools should have been shuffled up on the priority queue,
because they have "security" associated with them, but it doesn't
really matter. If the "hack" succeeds, it succeeds... does not matter
what the programs purpose in life was...
I also think many believe that we should address the real problem
first, instead of occupying our time dredging through a never ending
source of code. The real problem is the shared `/tmp'.
In my private e-mails, I suggested a (hack) solution, but I've now
decided against it. The correct solution, IMHO, is what I offhandedly
referred to in one message:
rm -rf /tmp
and make the scratch area be private in each accounts home directory
(though some of the shared homes, and roots home being `/' are
problematic). Then we can go through and fix all the apps once and
for all.
Anyhow, off subject...
dls
[ who will now undoubtably now receive a ton of junk mail for his
troubles ]
--
Douglas Lee Schales
