From owner-cvs-src@FreeBSD.ORG  Tue May 17 14:50:13 2005
Return-Path: <owner-cvs-src@FreeBSD.ORG>
Delivered-To: cvs-src@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id E5ECE16A4CE; Tue, 17 May 2005 14:50:13 +0000 (GMT)
Received: from smtp-1.dlr.de (smtp-1.dlr.de [195.37.61.185])
	by mx1.FreeBSD.org (Postfix) with ESMTP
	id 9BBAA43D2D; Tue, 17 May 2005 14:50:12 +0000 (GMT)
	(envelope-from Hartmut.Brandt@dlr.de)
Received: from beagle.kn.op.dlr.de ([129.247.173.6]) by smtp-1.dlr.de over TLS
	secured channel with Microsoft SMTPSVC(6.0.3790.211);
	Tue, 17 May 2005 16:50:01 +0200
Date: Tue, 17 May 2005 16:50:07 +0200 (CEST)
From: Harti Brandt <hartmut.brandt@dlr.de>
X-X-Sender: brandt_h@beagle.kn.op.dlr.de
To: Alexander Leidinger <netchild@FreeBSD.org>
In-Reply-To: <20050517144446.gibxprydoosokw0k@netchild.homeip.net>
Message-ID: <20050517164720.O7468@beagle.kn.op.dlr.de>
References: <200505121545.j4CFjENu078768@repoman.freebsd.org>
	<hfbr7ge2gu.fsf@multivac.sdsc.edu>
	<20050517144446.gibxprydoosokw0k@netchild.homeip.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
X-OriginalArrivalTime: 17 May 2005 14:50:01.0259 (UTC)
	FILETIME=[B3F1F7B0:01C55AEF]
cc: cvs-src@FreeBSD.org
cc: Max Okumoto <okumoto@ucsd.edu>
Subject: Re: cvs commit: src/usr.bin/make job.c##SPAM 
X-BeenThere: cvs-src@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
Reply-To: Harti Brandt <harti@freebsd.org>
List-Id: CVS commit messages for the src tree <cvs-src.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-src>,
	<mailto:cvs-src-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/cvs-src>
List-Post: <mailto:cvs-src@freebsd.org>
List-Help: <mailto:cvs-src-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-src>,
	<mailto:cvs-src-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 17 May 2005 14:50:14 -0000

On Tue, 17 May 2005, Alexander Leidinger wrote:

AL>Max Okumoto <okumoto@ucsd.edu> wrote:
AL>
AL>> If I use mkdtemp(), there is a chance that someone with the
AL>> same UID could race to build the fifo. Do we care about
AL>> races with ourselves?  Or am I just being toooo paranoid? :-)
AL>
AL>Are you sure? mkdtemp() generates a "random" name like mkstemp() does, so the
AL>race would have existed already before (but the probability is very low that
AL>two make instances generate the same name)...

Yes, I think the race existed before. That's why I put the somewhat fuzzy
security statement into the commit log. I put it so fuzzy, because I'm not 
sure we should worry about this. The only thing that could happen is a 
kind of DoS attack from a program running under your UID (it could steal 
you tokens or insert an unlimited number of tokens) on your make run. This 
seems actually not a something to worry about.

harti