lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
From: rodrigob at (Rodrigo Barbosa)
Subject: New Remote Windows Exploit (MS04-029)

Hash: SHA1

On Thu, Nov 04, 2004 at 02:24:53PM -0500, wrote:
> 2) An amazing amount of stuff assumes that /tmp has 'exec' - at
> least for a while, 'rpmbuild' of a Redhat Perl would die because it
> build into a directory on /tmp, and then tried to run a binary out
> of that just-built tree - workaround was to feed rpm a '%_tmpdir ='
> pointing elsewhere.  Dell's microcode installer hits the same issue,
> as did at least some OpenOffice builds.
> So if you do it, be prepared to get bit, and have to do a
> 'mount -o remount,exec /tmp' once in a while...

I'm not sure which standard (FHS ? LSB ?), but these softwares should
honor the TMPDIR environment. And yes, /tmp is the fallback, in case
$TMPDIR is not set.

- -- 
Rodrigo Barbosa <>
"Quid quid Latine dictum sit, altum viditur"
"Be excellent to each other ..." - Bill & Ted (Wyld Stallyns)

Version: GnuPG v1.2.3 (GNU/Linux)


Powered by blists - more mailing lists