Date: Tue, 17 May 2005 10:02:26 -0700 From: Max Okumoto <okumoto@ucsd.edu> To: Alexander Leidinger <netchild@FreeBSD.org> Cc: cvs-src@FreeBSD.org Subject: Re: cvs commit: src/usr.bin/make job.c Message-ID: <428A23A2.5080108@ucsd.edu> In-Reply-To: <20050517144446.gibxprydoosokw0k@netchild.homeip.net> References: <200505121545.j4CFjENu078768@repoman.freebsd.org> <20050512180743.6z1h22fldwksgw4w@netchild.homeip.net> <hfbr7ge2gu.fsf@multivac.sdsc.edu> <42897003.2090005@ucsd.edu> <20050517144446.gibxprydoosokw0k@netchild.homeip.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Alexander Leidinger wrote: > Max Okumoto <okumoto@ucsd.edu> wrote:> >> If I use mkdtemp(), there is a chance that someone with the >> same UID could race to build the fifo. Do we care about >> races with ourselves? Or am I just being toooo paranoid? :-) > Are you sure? mkdtemp() generates a "random" name like mkstemp() does, > so the race would have existed already before (but the probability is > very low that two make instances generate the same name)... > > Bye, > Alexander. Its not a race between two nice programs :-) The function mkdtmp() creates a uniq directory, but make would then need to create a fifo in it. (This is two steps, and thus can allow a race) Assume badmake has same uid, so it can create a file in the uniq directory. (Of course this means that the bad guy already has your account.) Max Normal pattern: --------------------- make0: uses mkdtmp() to create dir /tmp/4321 make0: tries to create fifo /tmp/4321 make1: uses mkdtmp() to create dir /tmp/4321 but fails make1: mkdtmp() next tries to create /tmp/4322 successs make1: tries to create fifo /tmp/4322 Sort of DOS: --------------------- make: uses mkdtmp() to create /tmp/1234/ badmake: watches for creation of /tmp/1234/ and creates /tmp/1234/fifo. make: tries to create /tmp/1234/fifo fails.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?428A23A2.5080108>