Network Security: Detailed info on /tmp rather than /home, attacks?

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Secure-Shell

Subject:	/tmp rather than /home, attacks?
Date:	13 Mar 2007 00:41:45 +0100

Subject:

/tmp rather than /home, attacks?

Date:

13 Mar 2007 00:41:45 +0100

Hello, having an option like ControlPath ~/.ssh/control/%r@%h:%p is probably not a good idea, if the user's home directory is shared by different machines (name collision for similiar outgoing SSH connections). Something like that ControlPath /tmp/ssh-control-%r@%h:%p should be better, because the directory /tmp is always local to the machine. But will that enable symlink attacks? (e.g. somehow is guessing the name before and creates an appropriate symlink to a file to be corrupted.) Or is there another, better solution? I'm using that version (ssh -v): OpenSSH_4.3p2 Debian-5ubuntu1, OpenSSL 0.9.8b 04 May 2006 Regards Thomas

<Prev in Thread]	Current Thread	[Next in Thread>
/tmp rather than /home, attacks?, Thomas Hafner <= Re: /tmp rather than /home, attacks?, Mark Senior

<Prev in Thread]

Current Thread

[Next in Thread>

Previous by Date:	Re: FC6 ssh times out to one particular host, Darren Tucker
Next by Date:	First time SSH user having trouble with key pair - "No more authentication methods to try", Shane O'Connor
Previous by Thread:	FC6 ssh times out to one particular host, chris
Next by Thread:	Re: /tmp rather than /home, attacks?, Mark Senior
Indexes:	[Date] [Thread] [Top] [All Lists]

Previous by Date:

Re: FC6 ssh times out to one particular host, Darren Tucker

Next by Date:

First time SSH user having trouble with key pair - "No more authentication methods to try", Shane O'Connor

Previous by Thread:

FC6 ssh times out to one particular host, chris

Next by Thread:

Re: /tmp rather than /home, attacks?, Mark Senior

Indexes:

[Date] [Thread] [Top] [All Lists]