Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 17 May 2005 16:50:07 +0200 (CEST)
From:      Harti Brandt <hartmut.brandt@dlr.de>
To:        Alexander Leidinger <netchild@FreeBSD.org>
Cc:        Max Okumoto <okumoto@ucsd.edu>
Subject:   Re: cvs commit: src/usr.bin/make job.c##SPAM 
Message-ID:  <20050517164720.O7468@beagle.kn.op.dlr.de>
In-Reply-To: <20050517144446.gibxprydoosokw0k@netchild.homeip.net>
References:  <200505121545.j4CFjENu078768@repoman.freebsd.org> <hfbr7ge2gu.fsf@multivac.sdsc.edu> <20050517144446.gibxprydoosokw0k@netchild.homeip.net>

next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 17 May 2005, Alexander Leidinger wrote:

AL>Max Okumoto <okumoto@ucsd.edu> wrote:
AL>
AL>> If I use mkdtemp(), there is a chance that someone with the
AL>> same UID could race to build the fifo. Do we care about
AL>> races with ourselves?  Or am I just being toooo paranoid? :-)
AL>
AL>Are you sure? mkdtemp() generates a "random" name like mkstemp() does, so the
AL>race would have existed already before (but the probability is very low that
AL>two make instances generate the same name)...

Yes, I think the race existed before. That's why I put the somewhat fuzzy
security statement into the commit log. I put it so fuzzy, because I'm not 
sure we should worry about this. The only thing that could happen is a 
kind of DoS attack from a program running under your UID (it could steal 
you tokens or insert an unlimited number of tokens) on your make run. This 
seems actually not a something to worry about.

harti



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050517164720.O7468>