From: Kris Kennaway
To: audit@FreeBSD.org
Date: Fri, 24 Nov 2000 14:33:36 -0800
Subject: Project for auditors
Message-ID: <20001124143336.A70550@citusc17.usc.edu>

Here's something I just noticed.. /usr/bin/mail will repeatedly create
files with the same name from mktemp(), of the form /tmp/RsXXXXXX (as well
as some others). This needs to be fixed to use mkstemp() since there's the
very easy to exploit race condition there. Anyone up for it?

Kris
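
The change the message asks for, as an added example (not part of the original message and not FreeBSD's mail(1) source): mkstemp() chooses the name and creates the file in one step, so nothing that already sits at that name is ever opened. The helper names safe_tmp_open and open_excl are hypothetical; the /tmp directory and Rs prefix come from the message.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L  /* expose mkstemp(), fdopen() */
#endif
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Pattern the message asks to replace (comment only, not compiled):
 *     mktemp(name);           only chooses a name such as /tmp/RsXXXXXX
 *     fp = fopen(name, "w");  opens later whatever sits at that name now */

/* What mkstemp() relies on: with O_CREAT|O_EXCL, open() fails with EEXIST
 * when the name already exists, even if it is a dangling symlink. */
int open_excl(const char *path)
{
    return open(path, O_RDWR | O_CREAT | O_EXCL, 0600);
}

/* Hypothetical helper: build dir/prefixXXXXXX in `path`, then let mkstemp()
 * pick the name and create the file atomically. Returns NULL on error. */
FILE *safe_tmp_open(const char *dir, const char *prefix,
                    char *path, size_t pathlen)
{
    int n = snprintf(path, pathlen, "%s/%sXXXXXX", dir, prefix);
    if (n < 0 || (size_t)n >= pathlen)
        return NULL;                 /* template would be truncated */
    int fd = mkstemp(path);          /* path now holds the real name */
    if (fd == -1)
        return NULL;
    FILE *fp = fdopen(fd, "w+");     /* keep using this descriptor */
    if (fp == NULL) {
        close(fd);
        unlink(path);
    }
    return fp;
}

int main(void)
{
    char path[64];
    FILE *fp = safe_tmp_open("/tmp", "Rs", path, sizeof path);
    if (fp == NULL) { perror("safe_tmp_open"); return 1; }
    printf("created %s\n", path);
    fclose(fp);
    return unlink(path) == 0 ? 0 : 1;
}
```

Callers should keep working through the returned stream rather than reopening the file by name, since reopening by path brings the race back.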