Search Mailing List Archives

Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[tcpcrypt-dev] [PATCH] avoid symlink attacks in

Daniel Kahn Gillmor dkg at
Wed Jul 23 07:01:46 PDT 2014

/tmp is world-writable -- if a non-privileged user creates a symlink
in /tmp/ pointing to some file, then the superuser
executing will truncate that file.

Modern systems will use /run for this sort of thing, rather than /tmp,
since /run is not world-writable.

However, i don't see $PIDFILE ever being actually used in this script,
so the simplest fix might be to just drop the use of $PIDFILE
 user/ | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/user/ b/user/
index 9be678c..d2ae8a2 100755
--- a/user/
+++ b/user/
@@ -6,7 +6,7 @@ PORT2=${2:-7777}
 TCPCRYPTD=`dirname $0`/src/tcpcryptd
 start_tcpcryptd() {

More information about the tcpcrypt-dev mailing list