Date:      Fri, 8 Jun 2001 17:06:14 -0400
From:      Alfred Perlstein <bright@rush.net>
To:        Michael Tang Helmeste <glassfish@frogbox.dyndns.org>
Cc:        Buliwyf McGraw <buliwyf@libertad.univalle.edu.co>, security@FreeBSD.ORG
Subject:   Re: Unsafe Message
Message-ID:  <20010608170613.I1832@superconductor.rush.net>
In-Reply-To: <GLECJJEOFFBMALIKCDHIEEBCCBAA.glassfish@glassfish.net>; from glassfish@frogbox.dyndns.org on Fri, Jun 08, 2001 at 04:26:14PM -0400
References:  <Pine.BSF.4.21.0106072126530.58539-100000@libertad.univalle.edu.co> <GLECJJEOFFBMALIKCDHIEEBCCBAA.glassfish@glassfish.net>

Please trim your messages, please get a mail client that quotes
messages properly.

> > On Thu, Jun 07, 2001 at 08:32:32PM -0500, Buliwyf McGraw wrote:
> > >  Every time that I compile something on my server, I get this message:
> > >
> > >  warning: tmpnam() possibly used unsafely; consider using mkstemp()
> > >
> > >  What does it mean?

* Michael Tang Helmeste <glassfish@frogbox.dyndns.org> [010608 16:26] wrote:
> Well, this may be changed in newer versions of the library, or you could go
> into the code yourself and change it. Personally I don't like going into
> other people's code, but if you really want to fix this, then the best of
> luck to you :)
> There's not much other answer that I can provide other than this, sorry.

tmpnam() is unsafe because it only gives you a name in memory, the file
name that it generates is still not actually created so if you go ahead
and blindly create/open the filename you get back from tmpnam() you may
lose a race against something else trying to dupe you into opening or
clobbering something you shouldn't.

mkstemp() is safe because it actually generates the file for you and
creates it with reasonable permissions:
     The mkstemp() function makes the same replacement to the template and
     creates the template file, mode 0600, returning a file descriptor opened
     for reading and writing.  This avoids the race between testing for a
     file's existence and opening it for use.

This has been discussed on many lists, many times in the past.

-- 
-Alfred Perlstein [alfred@freebsd.org]
Instead of asking why a piece of software is using "1970s technology,"
start asking why software is ignoring 30 years of accumulated wisdom.
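
Added example, not part of the original message and not FreeBSD code: a C sketch of the race described above, run inside a private scratch directory, next to the mkstemp() replacement. The function names, the file names and the fixed name standing in for a tmpnam() result are all hypothetical.

```c
#define _XOPEN_SOURCE 700
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Pattern behind the warning: no O_EXCL, so open() follows whatever sits at name. */
static int open_blind(const char *name) {
    return open(name, O_WRONLY | O_CREAT | O_TRUNC, 0600);
}

/* Constructed scenario: after the name is chosen but before it is opened, the
   name becomes a symlink. Returns 1 if the link target was truncated, else 0/-1. */
int blind_open_clobbers(const char *dir) {
    char victim[512], name[512];
    struct stat st;
    snprintf(victim, sizeof victim, "%s/important", dir);
    snprintf(name, sizeof name, "%s/tmp.guess", dir); /* stands in for tmpnam() */
    int fd = open(victim, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (fd < 0 || write(fd, "data", 4) != 4) return -1;
    close(fd);
    if (symlink(victim, name) != 0) return -1; /* the race is lost here */
    fd = open_blind(name);
    if (fd >= 0) close(fd);
    int r = (stat(victim, &st) == 0) ? (st.st_size == 0) : -1;
    unlink(name); unlink(victim);
    return r;
}

/* mkstemp() picks the name and creates the file in one step, mode 0600.
   Returns the descriptor and stores the permission bits in *mode. */
int safe_temp(const char *dir, char *path, size_t len, mode_t *mode) {
    struct stat st;
    snprintf(path, len, "%s/tmp.XXXXXX", dir);
    int fd = mkstemp(path);
    if (fd < 0 || fstat(fd, &st) != 0) return -1;
    *mode = st.st_mode & 0777;
    return fd;
}

int main(void) {
    char dir[] = "/tmp/tmpdemo.XXXXXX", path[512];
    mode_t mode = 0;
    if (!mkdtemp(dir)) return 1; /* private 0700 scratch directory */
    int clobbered = blind_open_clobbers(dir);
    int fd = safe_temp(dir, path, sizeof path, &mode);
    printf("clobbered=%d mkstemp fd=%d mode=%04o\n", clobbered, fd, (unsigned)mode);
    if (fd >= 0) { close(fd); unlink(path); }
    return rmdir(dir) != 0;
}
```

When a name has to be opened by hand, adding O_EXCL to O_CREAT makes open() fail on an existing name, symlinks included, instead of following it.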
