Date: Tue, 20 Oct 1998 23:30:09 +0800 From: Peter Wemm <peter@netplex.com.au> To: Bruce Evans <bde@zeta.org.au> Cc: cvs-all@FreeBSD.ORG, cvs-committers@FreeBSD.ORG Subject: Re: cvs commit: src/lib/libc/stdio mktemp.c Message-ID: <199810201530.XAA12150@spinner.netplex.com.au> In-Reply-To: Your message of "Wed, 21 Oct 1998 00:59:40 %2B1000." <199810201459.AAA10106@godzilla.zeta.org.au>
next in thread | previous in thread | raw e-mail | index | archive | help
Bruce Evans wrote: > >I'm not sure how to best fix it that is *safe*. > > Yes, any change breaks: > > /* > * Prevent even ourself from easily accessing the tmp file except > * via the fd returned by mkstemp(). Dont ask why :-). > */ > umask(0777); > fd = mkstemp(foo); man mkstemp: The mkstemp() function makes the same replacement to the template and creates the template file, mode 0600, returning a file descriptor opened ^^^^ for reading and writing. This avoids the race between testing for a file's existence and opening it for use. A specfic mode is specified, your example is broken, especially on NFS. The way to implement what you want is: fd = mkstemp(foo); unlink(foo); or, if you want a FILE * in the end, use "fp = tmpfile();" > >Leaving it failing due to the umask preventing it from opening the file it > >just created isn't ideal because the mk*temp() function has *failed* and > >yet it still created the file. I don't believe it's safe to > > mk*temp() hasn't failed. It returns a r/w file descriptor for a file > with mod 0000. vi has problems when it closes this fd and attempts to > reopen it. Yes, you are right, nvi is going gaga. However, mkstemp() is still broken, it does not behave as specified. This interface is not one we "own" and we cannot change it. > Bruce Cheers, -Peter To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199810201530.XAA12150>