Date: Mon, 17 Jan 2000 16:04:27 -0500 From: Dan Moschuk <dan@FreeBSD.ORG> To: Peter Jeremy <peter.jeremy@alcatel.com.au> Cc: Kris Kennaway <kris@hub.freebsd.org>, audit@FreeBSD.ORG Subject: Re: libc patch to warn about tempfiles Message-ID: <20000117160427.E1156@spirit.jaded.net> In-Reply-To: <00Jan17.142945est.40327@border.alcanet.com.au>; from peter.jeremy@alcatel.com.au on Mon, Jan 17, 2000 at 02:29:42PM %2B1100 References: <Pine.BSF.4.21.0001161808160.32821-100000@hub.freebsd.org> <00Jan17.142945est.40327@border.alcanet.com.au>
next in thread | previous in thread | raw e-mail | index | archive | help
| >Here's a patch to libc which complains when an application tries to use | >mktemp()/mkstemp()/... with fewer than 10 X's (using 6 is common, but | >unfortunately insecure since the PID is either known or easily guessable, | >leaving only 52 different results). This may be useful for tracking down | >insecure ports, as well as things in the base tree which have yet to be | >fixed. | | I think that changing the algorithm to use a denser encoding (eg | encoding the PID in base-62 or more, rather than base 10) would be | a better solution. This way you don't need to change the functions | using mktemp() et al. Why not have it use arc4random()? -- Dan Moschuk (TFreak!dan@freebsd.org) "Waste not fresh tears on old griefs." To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000117160427.E1156>