From: Max Okumoto
Date: Tue, 17 May 2005 10:02:26 -0700
To: Alexander Leidinger
Cc: cvs-src@FreeBSD.org
Subject: Re: cvs commit: src/usr.bin/make job.c
Message-ID: <428A23A2.5080108@ucsd.edu>
In-Reply-To: <20050517144446.gibxprydoosokw0k@netchild.homeip.net>

Alexander Leidinger wrote:
> Max Okumoto wrote:
>
>> If I use mkdtemp(), there is a chance that someone with the
>> same UID could race to build the fifo.  Do we care about
>> races with ourselves?  Or am I just being toooo paranoid? :-)
>
> Are you sure? mkdtemp() generates a "random" name like mkstemp() does,
> so the race would have existed already before (but the probability is
> very low that two make instances generate the same name)...
>
> Bye,
> Alexander.

It's not a race between two nice programs :-)
The function mkdtemp() creates a unique directory, but make
would then need to create a fifo in it.  (This is two steps,
and thus can allow a race.)  Assume badmake has the same uid, so it
can create a file in the unique directory.  (Of course this
means that the bad guy already has your account.)

                                Max

Normal pattern:
---------------------
make0: uses mkdtemp() to create dir /tmp/4321
make0: tries to create fifo /tmp/4321
make1: uses mkdtemp() to create dir /tmp/4321 but fails
make1: mkdtemp() next tries to create /tmp/4322 success
make1: tries to create fifo /tmp/4322

Sort of DOS:
---------------------
make:    uses mkdtemp() to create /tmp/1234/
badmake: watches for creation of /tmp/1234/ and creates /tmp/1234/fifo.
make:    tries to create /tmp/1234/fifo fails.
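
The two-step sequence discussed in this message (mkdtemp(), then creating the fifo inside the new directory), as an added C example that is not part of the original message or of make's job.c. The helper names open_new_fifo and demo and the /tmp/fifo-demo.XXXXXX template are assumptions; the point shown is that a name planted between the two steps surfaces as EEXIST from mkfifo(), so the caller fails closed instead of using the planted file.

```c
#define _XOPEN_SOURCE 700              /* for mkdtemp() and O_NOFOLLOW */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Step 2 (hypothetical helper): create the fifo at path and open it.
 * Returns an fd, or -1 with errno set; EEXIST means the name was planted. */
int open_new_fifo(const char *path)
{
    struct stat sb;
    int fd;
    if (mkfifo(path, 0600) == -1)      /* fails on any existing name or symlink */
        return -1;
    if ((fd = open(path, O_RDONLY | O_NONBLOCK | O_NOFOLLOW)) == -1)
        return -1;
    /* Check the object that was opened, not the path, in case it was swapped. */
    if (fstat(fd, &sb) == -1 || !S_ISFIFO(sb.st_mode)) {
        close(fd);
        errno = EPERM;
        return -1;
    }
    return fd;
}

/* One run of the sequence; plant != 0 simulates badmake creating the name
 * first. Returns 0 on success, else the errno from step 1 or step 2. */
int demo(int plant)
{
    char dir[] = "/tmp/fifo-demo.XXXXXX";      /* constructed template */
    char path[sizeof(dir) + sizeof("/fifo")];
    int fd, err;
    if (mkdtemp(dir) == NULL)                  /* step 1: unique 0700 directory */
        return errno;
    snprintf(path, sizeof(path), "%s/fifo", dir);
    if (plant)                                 /* same-uid process gets there first */
        close(open(path, O_CREAT | O_WRONLY, 0600));
    fd = open_new_fifo(path);
    err = (fd == -1) ? errno : 0;
    if (fd != -1) close(fd);
    unlink(path);
    rmdir(dir);
    return err;
}

int main(void) { return (demo(0) == 0 && demo(1) == EEXIST) ? 0 : 1; }
```

The fstat() check only catches a non-fifo object; it cannot distinguish a fifo substituted by a process running under the same uid, which is the limit the message itself points out.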