Mailinglist Archive: opensuse-security (192 mails)

< Previous Next >
temporary files created by crontab -e
  • From: Roland Hilkenbach <roland@xxxxxxxxxxxxxxxxxx>
  • Date: Thu, 04 May 2000 23:23:29 +0200
  • Message-id: <3911EA51.DB524FD0@xxxxxxxxxxxxxxxxxx>
Hi,
trying to create a user-crontab, I found that crontab -e creates
temporary files in /tmp. These files take the name /tmp/crontab.xxx
where the extension seems to be the PID of the crontab -e command and
thus are easy to guess by other people.
Since /tmp is writable by everyone, someone else could possibly create a
file following this naming convention, thereby disturbing the crontab
command. I wasn´t able to smuggle data into the crontabs but this
behavior can easily be used to do a DoS since the /tmp directory has the
sticky-Bit set.

Regards
Roland Hilkenbach

< Previous Next >