From owner-freebsd-bugs Sat Mar 4 11: 5:12 2000 Delivered-To: freebsd-bugs@freebsd.org Received: from lilac.csi.cam.ac.uk (lilac.csi.cam.ac.uk [131.111.8.44]) by hub.freebsd.org (Postfix) with ESMTP id E8A3C37B85D; Sat, 4 Mar 2000 11:05:04 -0800 (PST) (envelope-from crp22@cam.ac.uk) Received: from crp22.trin.cam.ac.uk ([131.111.193.222] ident=root) by lilac.csi.cam.ac.uk with esmtp (Exim 3.13 #1) id 12RJrG-0004qu-00; Sat, 04 Mar 2000 19:04:58 +0000 Received: (from cph@localhost) by crp22.trin.cam.ac.uk (8.9.3/8.9.3) id TAA99003; Sat, 4 Mar 2000 19:04:49 GMT (envelope-from crp22@cam.ac.uk) X-Authentication-Warning: crp22.trin.cam.ac.uk: cph set sender to crp22@cam.ac.uk using -f Date: Sat, 4 Mar 2000 19:04:49 +0000 From: Colin Phipps To: sheldonh@freebsd.org, freebsd-bugs@freebsd.org Subject: Re: gnu/16942: send-pr(1) creates unsafe temp files Message-ID: <20000304190449.A98983@crp22.trin.cam.ac.uk> References: <200003041014.CAA18944@freefall.freebsd.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0.1i In-Reply-To: <200003041014.CAA18944@freefall.freebsd.org>; from sheldonh@freebsd.org on Sat, Mar 04, 2000 at 02:14:01AM -0800 Sender: owner-freebsd-bugs@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Sat, Mar 04, 2000 at 02:14:01AM -0800, sheldonh@freebsd.org wrote: > Synopsis: send-pr(1) creates unsafe temp files > > State-Changed-From-To: open->feedback > State-Changed-By: sheldonh > State-Changed-When: Sat Mar 4 02:10:57 PST 2000 > State-Changed-Why: > The patch on PR 17175 looks a little cleaner. How does it look to > you? Simplistic. It doesn't even fix the temp race, since the file pointed to by $TEMP is rm'd and reopened e.g. if send-pr is looking up the username in /etc/passwd. My patch uses a separate temporary file for each operation. Also, 17175 is more likely to leave temp files lying around if it is interrupted. My patch attempts to minimise this possibility by only creating those temporary files around the same place the trap is set up to remove them on exit. Colin To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message