Date: Sat, 10 Jun 2000 15:00:43 -0700 (PDT) From: Kris Kennaway <kris@FreeBSD.org> To: "Andrey A. Chernov" <ache@freebsd.org> Cc: "Jeroen C. van Gelderen" <jeroen@vangelderen.org>, Mark Murray <mark@grondar.za>, current@FreeBSD.ORG Subject: Re: mktemp() patch Message-ID: <Pine.BSF.4.21.0006101458250.61637-100000@freefall.freebsd.org> In-Reply-To: <Pine.BSF.4.21.0006101424020.56482-100000@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 10 Jun 2000, Kris Kennaway wrote:
> Given the other replies in this thread I think I'll just remove the PID
> stuff altogether and make the temp filename only constructed from
> alphanumeric character. The price is that there's a chance of collision
> between two programs who mktemp() and come up with the same random
> filename, which is a theoretical security risk (at present only something
> with the same PID can come up with a colliding tempfile name) but the
> probability is altogether pretty small. I'll do some calculations to
> estimate the exact level of risk here.
Actually, it's not of course a security risk in the new algorithm (this is
mktemp() after all), but it's a potential failure mode which can cause
applications to fail in ways they otherwise wouldn't (with some very low
probability) on a normal system. But, I don't think it's a big enough
problem to worry about (numbers still coming :-)
Kris
--
In God we Trust -- all others must submit an X.509 certificate.
-- Charles Forsythe <forsythe@alum.mit.edu>
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0006101458250.61637-100000>