Hacker News new | ask | show | jobs
by mioelnir 3249 days ago
This of course assumes you are running around an actual multiuser system without 1777 /tmp and 077 umask like it is 1989.
1 comments
jwilk 3249 days ago
All the attacker has to do is:

  touch /tmp/pubkey.pem
  chmod a+w /tmp/pubkey.pem
before the victim runs the code.

No sticky bit, no restrictive umask, also no protected_hardlinks/protected_symlinks is going to save you.

link