Date: Sat, 10 Jun 2000 19:22:59 -0700 From: "Andrey A. Chernov" <ache@freebsd.org> To: Kris Kennaway <kris@FreeBSD.org> Cc: "Jeroen C. van Gelderen" <jeroen@vangelderen.org>, Mark Murray <mark@grondar.za>, current@FreeBSD.ORG Subject: Re: mktemp() patch Message-ID: <20000610192259.A99504@freebsd.org> In-Reply-To: <Pine.BSF.4.21.0006101424020.56482-100000@freefall.freebsd.org>; from kris@FreeBSD.org on Sat, Jun 10, 2000 at 02:31:23PM -0700 References: <20000609234634.A50676@freebsd.org> <Pine.BSF.4.21.0006101424020.56482-100000@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, Jun 10, 2000 at 02:31:23PM -0700, Kris Kennaway wrote: > between two programs who mktemp() and come up with the same random > filename, which is a theoretical security risk (at present only something > with the same PID can come up with a colliding tempfile name) but the > probability is altogether pretty small. I'll do some calculations to > estimate the exact level of risk here. Please note that you turn never probavility into small one, and it is degradation. "never" is not completely never, of course, but if temp file stays until pids wrapped. -- Andrey A. Chernov <ache@nagual.pp.ru> http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000610192259.A99504>