|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: mktemp() and friends
Darren Reed (avalon
coombs.anu.edu.au)Tue, 24 Dec 1996 07:51:31 +1100
- Messages sorted by: [ date ][ thread ][ subject ][ author ]
- Next message: Uriel Maimon: "Re: mktemp() and friends"
- Previous message: Theo de Raadt: "Re: mktemp() and friends"
- In reply to: Theo de Raadt: "Re: mktemp() and friends"
- Next in thread: Uriel Maimon: "Re: mktemp() and friends"
In some mail from Theo de Raadt, sie said:
>
> >In some mail from Theo de Raadt, sie said:
> >[...]
> >> Has anyone done a major cleanup of /tmp holes (ie. mktemp and friends)?
> >
> >Personally, I think they should all return either "FILE *" or an open
> >file descriptor so even if /tmp isn't +t, you already have opened the
> >file you actually asked for. But that's just IMHO.
>
> Uhm, +t doesn't actually help much for the race at file creation time.
> You are still symbolic link raceable since mktemp filenames are
> guessable. The filenames are guessable since the 6 X's are written
> over by not much more than just the pid -- mktemp() wants to generate
> low-collision-rate filenames.
open("/tmp/filename", O_CREAT|O_EXCL) is what I'd like to see used and what I
think that interface should use (this provides an open file descriptor
or -1 if the file is already there, no symbolic link races, etc). I don't
know if it does or doesn't, but it should.
mktemp/mkstemp/tmpnam/tempnam should not be used and tmpfile should be
implemented as above.
Then there are temporary files used in shell scripts - quite often root
cornjobs get implemented to write to some file in /tmp (I prefer to use
/, ~root or /etc).
Darren
- Next message: Uriel Maimon: "Re: mktemp() and friends"
- Previous message: Theo de Raadt: "Re: mktemp() and friends"
- In reply to: Theo de Raadt: "Re: mktemp() and friends"
- Next in thread: Uriel Maimon: "Re: mktemp() and friends"