Date:      Wed, 21 Oct 1998 18:04:35 +1000
From:      Bruce Evans <bde@zeta.org.au>
To:        bde@zeta.org.au, imp@village.org
Cc:        cvs-all@FreeBSD.ORG, cvs-committers@FreeBSD.ORG, peter@netplex.com.au
Subject:   Re: cvs commit: src/lib/libc/stdio mktemp.c
Message-ID:  <199810210804.SAA25392@godzilla.zeta.org.au>


>: >     fd = mkstemp(foo);
>: >     unlink(foo);
>: 
>: This has a race between the mkstemp() and the unlink().
>
>????  What's the race here?

The file is user-readable and writable (if you clobber the caller's
request to make it of mode 000 by forcing the mode to 600).

>: Who owns it?  The Linux (Redhat version mumble) man page says that
>: mkstemp() conforms to BSD 4.3 and creates the file with permissions
>: 0666.  glibc-2.0.5c uses the same O_EXCL open as us except for using
>: this insecure mode.
        ^^^^^^^^
>Linux has it wrong.  mkstemp should create a file that no one else can

I know.

Bruce
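
An added example, not part of the original message or of the FreeBSD sources: one way a caller can cover both points raised in this thread, the creation mode and the interval between mkstemp() and unlink() during which the name exists. The function name `private_scratch_fd` and the template `/tmp/scratch.XXXXXX` are assumptions made for illustration.

```c
#define _POSIX_C_SOURCE 200809L

#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/stat.h>
#include <sys/types.h>

/* Hypothetical helper: returns an open fd for a nameless scratch file, or -1.
 * On success *mode_out holds the permission bits the file ended up with. */
int private_scratch_fd(mode_t *mode_out)
{
    char path[] = "/tmp/scratch.XXXXXX";   /* constructed sample template */
    struct stat st;
    mode_t old = umask(077);   /* caps the mode even if libc asks for 0666 */
    int fd = mkstemp(path);
    umask(old);
    if (fd < 0)
        return -1;

    /* Inspect the object behind the fd, not the path name. */
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) ||
        st.st_uid != geteuid() || (st.st_mode & (S_IRWXG | S_IRWXO)) != 0) {
        unlink(path);
        close(fd);
        return -1;
    }
    /* The name exists only from mkstemp() until this unlink(). */
    if (unlink(path) != 0 || fstat(fd, &st) != 0 || st.st_nlink != 0) {
        close(fd);
        return -1;
    }
    if (mode_out)
        *mode_out = st.st_mode & 07777;
    return fd;
}

int main(void)
{
    mode_t mode;
    int fd = private_scratch_fd(&mode);
    if (fd < 0) { perror("private_scratch_fd"); return 1; }
    printf("scratch fd %d, mode %04o, no name left in /tmp\n", fd, (unsigned)mode);
    close(fd);
    return 0;
}
```

The final `st_nlink` check assumes a local filesystem; some network filesystems keep a renamed placeholder after unlink() of an open file, and the helper then reports failure.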
