Hash: SHA1
Mark Krenz wrote:
> I'm curious to get opinions on this. I'm working with some support
> technicians for a software company that shall remain nameless for now.
>
> Anyways, a problem came up where temporary files are being written to
> /tmp by a program and then showing up in the output of lsof as
> (deleted). When talking with the support people about this, they said
> that their method of controlling access to these files is to create
> them, then unlink the file while the program is still running. This
> makes the entry disappear from the directory listing. The program
> should still be able to access the file when the filehandle is open, but
> for the most part other programs cannot access it.
>
> What do you think about this?
>
Sounds like tomfoolery to me. I'd say this qualifies as another act of
security theater. I wonder why they would go for this card trick over using
actual access control methods.
This also sounds like a great way to have their file corrupted.
- -Dave
- --
| Dave Monnier - dmonnier@ren-isac.net |
|
http://nicholas.ren-isac.net/dmonnier/
|
| Principal Security Engineer, REN-ISAC http://www.ren-isac.net/ |
| 24x7 Watch Desk: +1(317)278-6630, ren-isac@ren-isac.net |
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFGl5pMBIf6jlONJjIRAlwsAJ4zBR9PvUCt1plMLZ8Bsn/f2C+O6gCeLXIA
U+0VBgeKa20Iyztn6i3E/hI=
=UxI6
-----END PGP SIGNATURE-----
_______________________________________________
BLUG mailing list
BLUG@linuxfan.com
http://mailman.cs.indiana.edu/mailman/listinfo/blug
No comments:
Post a Comment