From owner-freebsd-audit Thu Nov 23 8: 3:42 2000 Delivered-To: freebsd-audit@freebsd.org Received: from lists01.iafrica.com (lists01.iafrica.com [196.7.0.141]) by hub.freebsd.org (Postfix) with ESMTP id BE51337B479 for ; Thu, 23 Nov 2000 08:03:36 -0800 (PST) Received: from nwl.fw.uunet.co.za ([196.31.2.162]) by lists01.iafrica.com with esmtp (Exim 3.12 #2) id 13yyqJ-00027U-00 for audit@freebsd.org; Thu, 23 Nov 2000 18:03:23 +0200 Received: (from nobody@localhost) by nwl.fw.uunet.co.za (8.8.8/8.6.9) id SAA14849 for ; Thu, 23 Nov 2000 18:03:33 +0200 (SAST) Received: by nwl.fw.uunet.co.za via recvmail id 14714; Thu Nov 23 18:02:46 2000 Received: from sheldonh (helo=axl.fw.uunet.co.za) by axl.fw.uunet.co.za with local-esmtp (Exim 3.16 #1) id 13yypi-0003hj-00 for audit@FreeBSD.org; Thu, 23 Nov 2000 18:02:46 +0200 From: Sheldon Hearn To: audit@freebsd.org Subject: makedevops.pl and makeobjops.pl tmpfiles Date: Thu, 23 Nov 2000 18:02:46 +0200 Message-ID: <14242.974995366@axl.fw.uunet.co.za> Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Hi folks, It seems to me that, unless we import the File::Temp perl5 module into the base system (as NetBSD have done), we should use something like the following patch to makeobjops.pl and makedevops.pl, less they be abused. The perl5.6.0's srand() subroutine seeds the PRNG from /dev/urandom, so we don't have to worry too much about a guessable seed. In fact, the call to srand() shouldn't be required at all, since perl5.6.0 automatically calls srand() if it has not yet been called by the time rand() is first called. Ciao, Sheldon. Index: makedevops.pl =================================================================== RCS file: /home/ncvs/src/sys/kern/makedevops.pl,v retrieving revision 1.13 diff -u -d -r1.13 makedevops.pl --- makedevops.pl 2000/10/15 15:19:35 1.13 +++ makedevops.pl 2000/11/23 15:57:48 @@ -117,10 +117,12 @@ $tmpdir = '.' # give up and use current dir if !$tmpdir; +srand; + foreach $src ( @filenames ) { # Names of the created files - $ctmpname = "$tmpdir/ctmp.$$"; - $htmpname = "$tmpdir/htmp.$$"; + $ctmpname = "$tmpdir/ctmp." . rand(9999); + $htmpname = "$tmpdir/htmp." . rand(9999); ($name, $path, $suffix) = &fileparse($src, '.m'); $path = '.' Index: makeobjops.pl =================================================================== RCS file: /home/ncvs/src/sys/kern/makeobjops.pl,v retrieving revision 1.1 diff -u -d -r1.1 makeobjops.pl --- makeobjops.pl 2000/04/08 14:17:10 1.1 +++ makeobjops.pl 2000/11/23 15:58:36 @@ -118,10 +118,12 @@ $tmpdir = '.' # give up and use current dir if !$tmpdir; +srand; + foreach $src ( @filenames ) { # Names of the created files - $ctmpname = "$tmpdir/ctmp.$$"; - $htmpname = "$tmpdir/htmp.$$"; + $ctmpname = "$tmpdir/ctmp." . rand(9999); + $htmpname = "$tmpdir/htmp." . rand(9999); ($name, $path, $suffix) = &fileparse($src, '.m'); $path = '.' To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message