From owner-freebsd-audit Sun Jan 16 19:37:47 2000 Delivered-To: freebsd-audit@freebsd.org Received: from alcanet.com.au (border.alcanet.com.au [203.62.196.10]) by hub.freebsd.org (Postfix) with ESMTP id 5B57A14C9D for ; Sun, 16 Jan 2000 19:37:41 -0800 (PST) (envelope-from jeremyp@gsmx07.alcatel.com.au) Received: by border.alcanet.com.au id <40327>; Mon, 17 Jan 2000 14:29:45 +1100 Content-return: prohibited From: Peter Jeremy Subject: Re: libc patch to warn about tempfiles In-reply-to: ; from kris@hub.freebsd.org on Mon, Jan 17, 2000 at 01:04:11PM +1100 To: Kris Kennaway Cc: audit@FreeBSD.ORG Message-Id: <00Jan17.142945est.40327@border.alcanet.com.au> MIME-version: 1.0 X-Mailer: Mutt 1.0i Content-type: text/plain; charset=us-ascii References: Date: Mon, 17 Jan 2000 14:29:42 +1100 Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On 2000-Jan-17 13:04:11 +1100, Kris Kennaway wrote: >Here's a patch to libc which complains when an application tries to use >mktemp()/mkstemp()/... with fewer than 10 X's (using 6 is common, but >unfortunately insecure since the PID is either known or easily guessable, >leaving only 52 different results). This may be useful for tracking down >insecure ports, as well as things in the base tree which have yet to be >fixed. I think that changing the algorithm to use a denser encoding (eg encoding the PID in base-62 or more, rather than base 10) would be a better solution. This way you don't need to change the functions using mktemp() et al. Peter To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message