96d9d7a997
Update to version 0.2 PR: ports/50256 Submitted by: stanislav shalunov <shalunov@internet2.edu>
13 lines
459 B
Text
13 lines
459 B
Text
The utility stmpclean securely deletes old files from directories
|
|
such as /tmp and /var/tmp.
|
|
|
|
Combining find and rm (possibly with xargs) for this purpose allows
|
|
a local attacker to delete any file on the system. It is a security
|
|
hole.
|
|
|
|
Using one of the nifty floating around Perl scripts for this purpose
|
|
is dangerous: when you have an attack they have a tendency to behave
|
|
like forking bombs, making matters much worse.
|
|
|
|
--Stanislav
|
|
shalunov@internet2.edu
|