From owner-freebsd-audit  Thu Jan 27 17:38:39 2000
Delivered-To: freebsd-audit@freebsd.org
Received: from MailAndNews.com (MailAndNews.com [199.29.68.160])
	by hub.freebsd.org (Postfix) with ESMTP id C044314F43
	for <FreeBSD-audit@FreeBSD.ORG>; Thu, 27 Jan 2000 17:38:35 -0800 (PST)
	(envelope-from mheffner@mailandnews.com)
Received: from muriel.penguinpowered.com [208.138.198.103] (mheffner@mailandnews.com); Thu, 27 Jan 2000 20:38:33 -0500
X-WM-Posted-At: MailAndNews.com; Thu, 27 Jan 00 20:38:33 -0500
Content-Length: 1078
Message-ID: <XFMail.20000127204010.mheffner@mailandnews.com>
X-Mailer: XFMail 1.4.4 on FreeBSD
X-Priority: 3 (Normal)
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 8bit
MIME-Version: 1.0
In-Reply-To: <Pine.BSF.4.21.0001271628080.76830-100000@hub.freebsd.org>
Date: Thu, 27 Jan 2000 20:40:10 -0500 (EST)
Reply-To: Mike Heffner <spock@techfour.net>
From: Mike Heffner <mheffner@mailandnews.com>
To: Kris Kennaway <kris@hub.freebsd.org>
Subject: Re: use mkstemp(3) for sort
Cc: FreeBSD-audit <FreeBSD-audit@FreeBSD.ORG>,
	Mike Heffner <spock@techfour.net>, Garance A Drosihn <drosih@rpi.edu>
Sender: owner-freebsd-audit@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG


On 28-Jan-2000 Kris Kennaway wrote:
  | On Thu, 27 Jan 2000, Garance A Drosihn wrote:
  | 
  |> For something like this, I sometimes wonder if it would be better
  |> to have the program ('sort', in this case) to create a randomly-
  |> named directory in /tmp, make sure that directory is owned by the
  |> right user and is only readable by the user, and then create all
  |> if it's temporary files inside of that directory.
  | 
  | This sounds like a better solution than making an invasive change which
  | will have to be re-merged if we upgrade the code (assuming it's not taken 
  | up by the vendor).
  | 
  | i.e. create the private directory securely with mkdtemp, and sort can be
  | as insecure as it wants within it :-)


Alright. That sounds a lot easier than what I did. I'll revisit it later this
weekend, unless someone else makes that change  before then. Thanks for
reviewing it though.

---------------------------------
Mike Heffner <spock@techfour.net>
Fredericksburg, VA
ICQ# 882073
Date: 27-Jan-2000   Time: 20:32:46
---------------------------------


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-audit" in the body of the message