shalunovINTERNET2.EDU

• Next message: FreeBSD Security Advisories: "FreeBSD Security Advisory: FreeBSD-SA-00:77.procfs"
• Previous message: Thomas Lopatic: "FireWall-1 Fastmode Vulnerability"
• In reply to: Michael Damm: "Re: Is /tmp still appropriate? (was Re: [hacksware]Pine temporary file hijacking vulnerability)"
• Next in thread: Ryan Russell: "Re: Is /tmp still appropriate? (was Re: [hacksware]Pine temporary file hijacking vulnerability)"
• Next in thread: 0d0: "Re: Is /tmp still appropriate? (was Re: [hacksware]Pine temporary file hijacking vulnerability)"
• Reply: stanislav shalunov: "Re: Is /tmp still appropriate? (was Re: [hacksware]Pine temporary file hijacking vulnerability)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Michael Damm <mikedACCESSNW.NET> writes:

> I alwas was a difficult child.
> TMPKEY="$RANDOM"
> echo "foo" >/tmp/blah.$TMPKEY

This is actually a single linear transform of PID+NOW into 16-bit
space (((pid+now)*1103515245 + 12345) & 32767). Trivial guess.

--
Stanislav Shalunov <shalunovinternet2.edu>	Internet Engineer, Internet2
A fool's brain digests philosophy into folly, science into superstition,
and art into pedantry.  Hence University education.        -- G. B. Shaw

• Next message: FreeBSD Security Advisories: "FreeBSD Security Advisory: FreeBSD-SA-00:77.procfs"
• Previous message: Thomas Lopatic: "FireWall-1 Fastmode Vulnerability"
• In reply to: Michael Damm: "Re: Is /tmp still appropriate? (was Re: [hacksware]Pine temporary file hijacking vulnerability)"
• Next in thread: Ryan Russell: "Re: Is /tmp still appropriate? (was Re: [hacksware]Pine temporary file hijacking vulnerability)"
• Next in thread: 0d0: "Re: Is /tmp still appropriate? (was Re: [hacksware]Pine temporary file hijacking vulnerability)"
• Reply: stanislav shalunov: "Re: Is /tmp still appropriate? (was Re: [hacksware]Pine temporary file hijacking vulnerability)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]