All the attacker has to do is: touch /tmp/pubkey.pem chmod a+w /tmp/pubkey.pem b...

		jwilk on July 21, 2017 \| parent \| context \| favorite \| on: How I Tricked Symantec with a Fake Private Key All the attacker has to do is: `touch /tmp/pubkey.pem chmod a+w /tmp/pubkey.pem` before the victim runs the code. No sticky bit, no restrictive umask, also no protected_hardlinks/protected_symlinks is going to save you.