Re: [hobbit] Temporary Files

["lars ebeling" <lars.ebeling (at) leopg9.no-ip.org>]

In my installation I have 2 hobbit-tmpdirectories: $HOBBITHOME/client/tmp 
and $HOBBITHOME/server/tmp

I don't understand what you mean, because they are created automatically.

$ ll
total 112
-rw-------   1 hobbit     users           39 Dec 19 09:05 BB-DISKCHK.TMP
-rw-rw-rw-   1 hobbit     users          307 Dec 19 09:06 
hobbit_vmstat.18544
-rw-rw-rw-   1 hobbit     users        40935 Dec 19 09:06 msg.txt
$ pwd
/home/hobbit/client/tmp

Regards
Lars

----- Original Message ----- 
From: "Adam Goryachev" <mailinglists (at) websitemanagers.com.au>
To: <hobbit (at) hswn.dk>
Sent: Monday, December 19, 2005 5:33 AM
Subject: [hobbit] Temporary Files


> Just thought I might clarify tmp file handling for hobbit and hobbit
> client specifically.
>
> It would seem to me that tmp file handling is probably insecure...
> -rw-r--r--  1 hobbit hobbit     237 2005-12-19 14:41 hobbit_vmstat.12913
> -rw-r--r--  1 hobbit hobbit   14996 2005-12-19 14:41 msg.txt
>
> ie, it is easy for an 'attacker' to create a file called msg.txt before
> hobbit does (though it seems that file is kept there all the time, so it
> would have to be created between system bootup and hobbit startup.
>
> The vmstat file would be easier to do, since it is removed each time
> after use.
>
> Just thought it would be nice to use a tmp dir specifically for hobbit,
> such as /tmp/hobbit or /usr/lib/hobbit/client/tmp etc .....
>
> Regards,
> Adam
>
>
>
> To unsubscribe from the hobbit list, send an e-mail to
> hobbit-unsubscribe (at) hswn.dk