Fred Cohen & Associates

Common Directories and Libraries

Copyright(c) Management Analytics, 1995 - All Rights Reserved

Copyright(c), 1990, 1995 Dr. Frederick B. Cohen - All Rights Reserved

Most systems have common use areas, such as the `tmp', `usrtmp', and `usrlocal' areas. These are used by programs for temporary storage, or by programmers or program installers to put programs designed for other users to use into a common access area. This is efficient because it reduces the size of the search path, and separates systems information from local customizations.

Problem:

The problem comes when users can put executable programs, libraries, and other information into the search path of many other users. This allows Trojan horses and spoofing programs to be easily introduced. It also allows users to modify programs placed into common areas by other users. For example, temporary areas are used to store intermediate results during compilation. Since these areas are accessible to any user, any user can modify another user's program during compilation.

Prevention:

There is no way to prevent this in most UNIX systems, but if we educate users to this problem and provide proper defaults for the path variable, we can prevent most such problems.

Detection:

This problem could be detected by integrity provisions in each program accessing the common use areas, but no standard UNIX program provides this sort of mechanism at this time.

Cure:

If you find such an induced problem, you can replace the corrupt information.

Problem:

Spooling areas are also susceptible to attack, depending on the protections used on those directories. Since many users have to be able to spool output to printers, protection is commonly misapplied.

Prevention:

The setuid facility can be applied to secure these areas, but you have to be careful with this facility as well.

Detection:

There is no obvious way to detect such problems, and almost certainly no general purpose method of detection.

Cure:

If you can't detect the problem it is very hard to eliminate it.