[BLUG] Unix conventions for controlling file access
Dave Monnier REN-ISAC
blug_at_mailman.cs.indiana.edu
Fri, 13 Jul 2007 11:29:16 -0400
Mark Krenz wrote:
> I'm curious to get opinions on this. I'm working with some support
> technicians for a software company that shall remain nameless for now.
>
> Anyways, a problem came up where temporary files are being written to
> /tmp by a program and then showing up in the output of lsof as
> (deleted). When talking with the support people about this, they said
> that their method of controlling access to these files is to create
> them, then unlink the file while the program is still running. This
> makes the entry disappear from the directory listing. The program
> should still be able to access the file when the filehandle is open, but
> for the most part other programs cannot access it.
>
> What do you think about this?
>
Sounds like tomfoolery to me. I'd say this qualifies as another act of
security theater. I wonder why they would go for this card trick over using
actual access control methods.
This also sounds like a great way to have their file corrupted.
-Dave
--
| Dave Monnier - dmonnier_at_ren-isac.net |
| http://nicholas.ren-isac.net/dmonnier/ |
| Principal Security Engineer, REN-ISAC http://www.ren-isac.net/ |
| 24x7 Watch Desk: +1(317)278-6630, ren-isac_at_ren-isac.net |
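
The create-then-unlink pattern from the quoted question, as an added example that is not part of the original thread or the vendor's code: it records what unlinking changes (the name in /tmp) and what it leaves in place (the inode, its 0600 mode from mkstemp, and on Linux a /proc/<pid>/fd entry that the same UID or root can reopen). The function name, struct and file name template are constructed for illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

struct result {
    int mode_0600;      /* mkstemp created the file owner-only */
    int nlink_after;    /* link count reported after unlink() */
    int path_gone;      /* the name no longer resolves in /tmp */
    int fd_still_works; /* data is readable through the open descriptor */
    int proc_reopen;    /* 1 reopened via /proc, 0 refused, -1 no /proc */
};

struct result demo_unlinked_tmp(void)
{
    struct result r = {0, -1, 0, 0, -1};
    char path[] = "/tmp/unlink-demo-XXXXXX";    /* constructed template */
    char buf[8] = {0}, procpath[64];
    struct stat st;
    int fd = mkstemp(path);                     /* O_CREAT|O_EXCL, mode 0600 */
    if (fd < 0) return r;
    if (fstat(fd, &st) == 0) r.mode_0600 = ((st.st_mode & 0777) == 0600);

    unlink(path);                               /* drop the directory entry */
    r.path_gone = (access(path, F_OK) != 0);
    if (fstat(fd, &st) == 0) r.nlink_after = (int)st.st_nlink;

    /* The inode lives until the last open descriptor is closed. */
    if (write(fd, "secret", 6) == 6 && lseek(fd, 0, SEEK_SET) == 0)
        r.fd_still_works = (read(fd, buf, 6) == 6 && !memcmp(buf, "secret", 6));

    /* Linux: the open file is still reachable by path through /proc,
       subject to the inode's permission bits (same UID or root). */
    snprintf(procpath, sizeof procpath, "/proc/self/fd/%d", fd);
    if (access("/proc/self/fd", F_OK) == 0) {
        int fd2 = open(procpath, O_RDONLY);
        r.proc_reopen = (fd2 >= 0);
        if (fd2 >= 0) close(fd2);
    }
    close(fd);
    return r;
}

int main(void) {
    struct result r = demo_unlinked_tmp();
    printf("0600=%d nlink=%d gone=%d fd_ok=%d proc=%d\n", r.mode_0600,
           r.nlink_after, r.path_gone, r.fd_still_works, r.proc_reopen);
    return 0;
}
```

The lsof "(deleted)" entries mentioned in the question correspond to the state after unlink() here: link count 0 with a descriptor still open.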