[pca] hiding SOA data from "ps"

Glenn Satchell Glenn.Satchell at uniq.com.au
Tue Dec 1 22:58:18 CET 2009


>Date: Tue, 1 Dec 2009 15:23:59 +0100
>From: Dražen Kačar <dave at fly.srk.fer.hr>
>
>Martin Paul wrote:
>> Dražen Kačar wrote:
>>>
>>> You might have a race condition here. It can be worked around safely, but
>>> it's a pain.
>>
>> You mean somebody modifying ~/.wgetrc between the copy to the tmp file  
>> and wget reading it on startup?
>
>No, there's nothing to be gained there. I mean something like creating a
>symlink at the location your temporary file will be created, which then
>points to something you can write into, but another user can read. So
>he can get the username and password you're trying to hide.
>
>Or something like that, I was never very good at inventing cracking
>scenarios.
>
>The race can be exploited if you first try to delete the file and then
>create it. Perhaps symlink isn't necessary. The usual protection from this
>is to have the file created in the directory owned by the user who is
>creating it (ie. don't create it in /tmp or /var/tmp). But that's a pain.
>

The typical "safe" way to create a temporary file is to make a
directory with 0700 permissions, then create the file in that dir. If
you use a random name then that makes it harder to predict the
directory and/or filename.

Something like this:

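# rand() is Perl's built-in random number function
$tmpdir = "/tmp/pca" . int(rand(1000000));
# mkdir fails if anything already exists at that path, so stop on error
mkdir $tmpdir, 0700 or die "mkdir $tmpdir: $!";
$tmpfile = $tmpdir . "/wgetrc" . int(rand(1000000));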

regards,
-glenn
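
The private-directory approach from this message, combined with an exclusive create that addresses the symlink race raised in the quoted text, as an added example (not part of the original post and not pca's own code). The function name make_private_wgetrc, the "pca." directory prefix and the credential values are assumptions made for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use Fcntl qw(:DEFAULT :mode);      # O_* flags and S_ISDIR
use File::Temp qw(tempdir);

# Hypothetical helper: create a 0700 directory with a random name under
# $base, then create the wgetrc copy inside it with an exclusive open.
# Returns (directory, file path, open write handle).
sub make_private_wgetrc {
    my ($base) = @_;

    # tempdir() chooses the random name, creates the directory with mode
    # 0700, retries on a name collision and dies if it cannot create one.
    my $dir = tempdir('pca.XXXXXXXXXX', DIR => $base, CLEANUP => 1);

    # Confirm we got a real directory, owned by us, closed to group/other.
    my @st = lstat($dir) or die "lstat $dir: $!";
    die "$dir is not a private directory owned by this user\n"
        unless S_ISDIR($st[2]) && $st[4] == $> && ($st[2] & 077) == 0;

    my $file = "$dir/wgetrc";

    # O_CREAT|O_EXCL fails with EEXIST if anything, a symlink included,
    # already exists at $file, so a planted link is never followed.
    # Mode 0600 keeps the contents readable by the owner only.
    sysopen(my $fh, $file, O_WRONLY | O_CREAT | O_EXCL, 0600)
        or die "cannot create $file: $!";

    return ($dir, $file, $fh);
}

my ($dir, $file, $fh) = make_private_wgetrc('/tmp');

# Constructed placeholder credentials, for illustration only.
print {$fh} "http_user = EXAMPLE_USER\nhttp_password = EXAMPLE_PASSWORD\n";
close($fh) or die "close $file: $!";

printf "%s (dir mode %04o, file mode %04o)\n", $file,
    (stat($dir))[2] & 07777, (stat($file))[2] & 07777;
# CLEANUP => 1 removes the directory and the file when the script exits.
```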



