Date: Sat, 19 Oct 1996 11:15:27 +1000 From: Bruce Evans <bde@zeta.org.au> To: bde@zeta.org.au, tridge@arvidsjaur.anu.edu.au Cc: freebsd-hackers@FreeBSD.org, Guido.vanRooij@nl.cis.philips.com, julian@whistle.com Subject: Re: fix for symlinks in /tmp (fwd) FYI Message-ID: <199610190115.LAA27084@godzilla.zeta.org.au>
next in thread | raw e-mail | index | archive | help
>> Our mkstemp() and mktemp() use O_EXCL, and gcc seems to use mktemp(), >> so I think gcc isn't vulnerable. > >Really? mktemp() actually creates the file? I thought that was what >tmpfile() was for. Oops. I forgot that mktemp() was so braindamaged. >ahhh, ok, mktemp() calls: > > _gettemp(char *path,int *doopen) > >and the doopen parameter controls if the open is used to create it >with O_EXCL set. mktemp() looks like this: > >char * >mktemp(path) > char *path; >{ > return(_gettemp(path, (int *)NULL) ? path : (char *)NULL); >} > >so doopen is set to NULL, meaning don't create. This means anyone >using mktemp() still needs to be careful about setting O_EXCL. Does >gcc on BSD do this? Not in FreeBSD. There is still a race (with a much smaller window) if O_EXCL isn't used even if symlinks aren't followed. Bruce
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199610190115.LAA27084>