Date: Sat, 4 Mar 2000 19:04:49 +0000 From: Colin Phipps <crp22@cam.ac.uk> To: sheldonh@freebsd.org, freebsd-bugs@freebsd.org Subject: Re: gnu/16942: send-pr(1) creates unsafe temp files Message-ID: <20000304190449.A98983@crp22.trin.cam.ac.uk> In-Reply-To: <200003041014.CAA18944@freefall.freebsd.org>; from sheldonh@freebsd.org on Sat, Mar 04, 2000 at 02:14:01AM -0800 References: <200003041014.CAA18944@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, Mar 04, 2000 at 02:14:01AM -0800, sheldonh@freebsd.org wrote: > Synopsis: send-pr(1) creates unsafe temp files > > State-Changed-From-To: open->feedback > State-Changed-By: sheldonh > State-Changed-When: Sat Mar 4 02:10:57 PST 2000 > State-Changed-Why: > The patch on PR 17175 looks a little cleaner. How does it look to > you? Simplistic. It doesn't even fix the temp race, since the file pointed to by $TEMP is rm'd and reopened e.g. if send-pr is looking up the username in /etc/passwd. My patch uses a separate temporary file for each operation. Also, 17175 is more likely to leave temp files lying around if it is interrupted. My patch attempts to minimise this possibility by only creating those temporary files around the same place the trap is set up to remove them on exit. Colin To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000304190449.A98983>