danwalsh


Dan Walsh's Blog

Got SELinux?


Previous Entry Add to Memories Share Next Entry
Daemons "Just say no to using /tmp"
danwalsh
Working on SELinux I get exposed to lots of daemon applications doing evil things. :^(

One of my crusades is to stop daemons from using /tmp.  I think the problem here is two-fold,

  1. Inexperienced daemon writer decides he has some files that he wants to temporarily use. In userspace he uses /tmp, so why not just use it for his system application?
  2. Another reason daemon writers do this is to communicate with logged in users.  He knows users can write to /tmp, so if he throws a socket or other file out there, there will be no problem communicating with the user.

Many attacks have happened because a careless application writer has written a daemon which writes files to /tmp while running as root.

Just enter "/tmp vulnerabilities" and google responds with 980,000 entries.

System applications creating and writing files/sockets in /tmp, also causes things like pam_namespace to not work well.
Pam_namespace, as I have written about before, can be used to isolate different users on the same system, giving each user his own /tmp.  Finally, an issue  that is dear to my heart: maintaining proper labeling on all these files being dumped into /tmp is a pain in the butt.

Daemon developers should follow these rules:

  • /tmp is for users to store their stuff  not for daemons or any process that is started in the boot process.
  • If a daemon wants to communicate with a user then he should do it via /var/run/DAEMON.  
  • If you have a daemon that wants its temporarily files to survive a reboot. consider using /var/cache/DAEMON


I am even hoping to finally get X to stop using /tmp. 

Maybe someday Kerberos ...

So if you have a daemon that uses /tmp please consider changing it to use a different directory.

Dan

No HTML allowed in subject

  
 
   
 

(will be screened)

You are viewing danwalsh