Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
Re: mktemp() and friendsDarren Reed (avaloncoombs.anu.edu.au)
Tue, 24 Dec 1996 07:51:31 +1100
- Messages sorted by: [ date ][ thread ][ subject ][ author ]
- Next message: Uriel Maimon: "Re: mktemp() and friends"
- Previous message: Theo de Raadt: "Re: mktemp() and friends"
- In reply to: Theo de Raadt: "Re: mktemp() and friends"
- Next in thread: Uriel Maimon: "Re: mktemp() and friends"
In some mail from Theo de Raadt, sie said: > > >In some mail from Theo de Raadt, sie said: > >[...] > >> Has anyone done a major cleanup of /tmp holes (ie. mktemp and friends)? > > > >Personally, I think they should all return either "FILE *" or an open > >file descriptor so even if /tmp isn't +t, you already have opened the > >file you actually asked for. But that's just IMHO. > > Uhm, +t doesn't actually help much for the race at file creation time. > You are still symbolic link raceable since mktemp filenames are > guessable. The filenames are guessable since the 6 X's are written > over by not much more than just the pid -- mktemp() wants to generate > low-collision-rate filenames. open("/tmp/filename", O_CREAT|O_EXCL) is what I'd like to see used and what I think that interface should use (this provides an open file descriptor or -1 if the file is already there, no symbolic link races, etc). I don't know if it does or doesn't, but it should. mktemp/mkstemp/tmpnam/tempnam should not be used and tmpfile should be implemented as above. Then there are temporary files used in shell scripts - quite often root cornjobs get implemented to write to some file in /tmp (I prefer to use /, ~root or /etc). Darren