Don't use predictable names in /tmp
We use multiple predictable names in /tmp
, e.g. /tmp/netns-specific
and /tmp/shared-with-me
. There might be more, I did not check.
Because /tmp
is world-writable, using predictable names is prone to attacks where an attacker creates a symbolic link to an arbitrary file which is then opened instead.
In the case of /tmp/netns-specific
and /tmp/shared-with-me
a solution could be to move them to /run/user/1000
because they are owned by amnesia
.