No executables in /tmp

Jeff Schroeder jeff at
Mon Mar 27 15:28:31 MST 2006

Thanks for the confirmation, all... as I suspected, securing executables 
(err, scripts) in the /tmp directory is non-trivial.  However, I wonder 
if something like this would work:

1) Move the main Perl executable from /usr/bin/perl to, 
say, /usr/bin/perl-real.

2) Create a new file /usr/bin/perl that's a shell script:

#!/bin/sh
# Refuse when the first argument or the current directory begins with /tmp,
# otherwise hand everything through to the real interpreter.
if [ -z "`echo $@ | grep ^/tmp`" ] && [ -z "`echo $PWD | grep ^/tmp`" ];
  then /usr/bin/perl-real "$@"; fi

Basically this just takes the arguments to "perl blah blah" and checks 
whether the first one begins with "/tmp", then also checks whether /tmp 
is the current directory.  It would prevent things like

perl /tmp/


cd /tmp ; perl

Although it wouldn't stop

cat /tmp/ | perl

or even

perl /./tmp/

Of course, the whole intent of these shenanigans is to prevent automated 
cracks from succeeding.  The ones I've seen tend to save a file in /tmp 
and then just run Perl against it.  I think this would stop those guys 

Any thoughts?  Comments?  Am I missing something obvious?

(Naturally I'm nervous about doing something like replacing the system 
Perl command with a hack of a shell script...)
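The wrapper above matches only the literal prefix "/tmp", which is why "perl /./tmp/..." and symlinks slip past it. The script below is an added example written for this post, not Jeff's script: it canonicalizes the current directory and the first non-option argument with readlink -f (GNU coreutils) before comparing, logs refusals through logger, and only dispatches when installed under the name "perl". The path /usr/bin/perl-real is a placeholder from the post; REAL_PERL, BLOCKED_DIR, canon, under_blocked and check_invocation are names invented here. Scripts piped in on stdin ("cat /tmp/x | perl") remain outside what any argument check can see.

```shell
#!/bin/sh
# Hardened interpreter wrapper (added example). Install as /usr/bin/perl after
# moving the real binary to the path in REAL_PERL (placeholder from the post).
REAL_PERL="${REAL_PERL:-/usr/bin/perl-real}"
BLOCKED_DIR="${BLOCKED_DIR:-/tmp}"

# Canonicalize a path: resolve symlinks and "." / ".." components so that
# /./tmp/x, /var/../tmp/x and symlinked directories all compare equal.
# Falls back to the raw string if readlink -f is unavailable.
canon() {
    readlink -f -- "$1" 2>/dev/null || printf '%s\n' "$1"
}

# Return 0 if the canonical form of $1 is BLOCKED_DIR or lies inside it.
under_blocked() {
    p=$(canon "$1")
    d=$(canon "$BLOCKED_DIR")
    case "$p" in
        "$d"|"$d"/*) return 0 ;;
        *)           return 1 ;;
    esac
}

# Return 0 (allow) or 1 (deny). Denies when the working directory resolves
# into BLOCKED_DIR, or when the script path (the first argument that is not
# an option) does. Later arguments are the script's own data and are not
# checked, so "perl safe.pl /tmp/input.txt" is still allowed.
check_invocation() {
    under_blocked "$(pwd -P)" && return 1
    for a in "$@"; do
        case "$a" in
            --) break ;;        # end of options, nothing more to inspect
            -*) continue ;;     # option flag (or "-" for stdin), skip it
        esac
        under_blocked "$a" && return 1
        break                   # first non-option argument is the script
    done
    return 0
}

# Dispatch only when this file is installed under the interpreter's name;
# sourced or run under another name it just defines the functions above.
if [ "${0##*/}" = "perl" ]; then
    if check_invocation "$@"; then
        exec "$REAL_PERL" "$@"
    fi
    logger -p auth.warning -t perl-wrapper \
        "denied: cwd=$(pwd -P) args=$*" 2>/dev/null
    echo "perl: refusing to run scripts from $BLOCKED_DIR" >&2
    exit 126
fi
```

Exit status 126 is used so that a caller can tell "refused by the wrapper" apart from a script that ran and failed; the logger line gives the syslog entry to alert on when an automated tool does try to run something from /tmp.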


More information about the PLUG mailing list