Opening temporary files without appropriate measures or controls can leave the file, its contents and any function that consumes it vulnerable to attack.
- Get access to the created temporary files.
- Tamper data contained in the created temporary files.
Create the temporary files in a different directory than the default provided by the Operative system and ensure it has 0600 permission mask.
Anonymous attacker with local access to the server.
Default score using CVSS 3.1. It may change depending on the context of the vulnerability.
- Attack vector: L
- Attack complexity: H
- Privileges required: H
- User interaction: R
- Scope: U
- Confidentiality: L
- Integrity: L
- Availability: N
- Exploit code madurity: P
- Remediation level: U
- Report confidence: C
- Vector string: CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:N/E:P/RL:U/RC:C
- Base: 2.9
- Temporal: 2.8
- Base: Low
- Temporal: Low
This java method has the following signature:
The first two arguments do not affect security of the created file.
In Linux, files and directories are different entities, they have their own permissions and are isolated from other files and directories.
Protections you apply to the directory
do not affect the files inside of it.
if I protect the directory
I can prevent an attacker
from executing the
but nothing impedes the attacker
To prevent access to the file we must protect the file, not the directory.
Additionally, we make sure that permissions are set atomically. If we do not, the following situation can happen:
- At moment A
- At moment B we add secure permissions to the file.
After moment B the file is secured. However, between moment A and moment B the file has insecure permissions and an attacker had enough opportunity to get control over it.
creates files with write permissions
in groups and other:
- Use the
attrsargument (an optional list of file attributes to set atomically when creating the file).