...
| Wiki Markup |
|---|
In many older [implementations|BB. Definitions#implementation], the name is a function of process ID and time, so it is possible for the attacker to predict the name and create a decoy in advance. FreeBSD changed the {{mk*temp()}} family to eliminate the PID component of the file name and replace the entire field with base-62 encoded randomness. This raises the number of possible temporary files for the typical use of 6 Xs significantly, meaning that even {{mktemp()}} with 6 Xs is reasonably (probabilistically) secure against guessing, except under frequent usage \[[Kennaway 00|AA. C References#Kennaway 00]\]. |
Risk Assessment
Exceptions
FIO43-EX1: The TR24731-1 tmpfile_s() function can be used if all the targeted implementations create temporary files temporary file creation can lead to a program accessing unintended files in secure directories.
Risk Assessment
Insecure and permission escalation on local systemsFailure to create unique, unpredictable temporary file names can make it possible for an attacker to access or modify privileged files.
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
FIO43-C | high | probable | medium | P12 | L1 |
...