Date: Tue, 17 May 2005 10:06:54 -0700 From: Max Okumoto <okumoto@ucsd.edu> To: Harti Brandt <harti@freebsd.org> Cc: cvs-src@freebsd.org Subject: Re: cvs commit: src/usr.bin/make job.c##SPAM Message-ID: <428A24AE.2050207@ucsd.edu> In-Reply-To: <20050517164720.O7468@beagle.kn.op.dlr.de> References: <200505121545.j4CFjENu078768@repoman.freebsd.org> <hfbr7ge2gu.fsf@multivac.sdsc.edu> <20050517144446.gibxprydoosokw0k@netchild.homeip.net> <20050517164720.O7468@beagle.kn.op.dlr.de>
next in thread | previous in thread | raw e-mail | index | archive | help
Harti Brandt wrote: > On Tue, 17 May 2005, Alexander Leidinger wrote: > > AL>Max Okumoto <okumoto@ucsd.edu> wrote: > AL> > AL>> If I use mkdtemp(), there is a chance that someone with the > AL>> same UID could race to build the fifo. Do we care about > AL>> races with ourselves? Or am I just being toooo paranoid? :-) > AL> > AL>Are you sure? mkdtemp() generates a "random" name like mkstemp() does, so the > AL>race would have existed already before (but the probability is very low that > AL>two make instances generate the same name)... > > Yes, I think the race existed before. That's why I put the somewhat fuzzy > security statement into the commit log. I put it so fuzzy, because I'm not > sure we should worry about this. The only thing that could happen is a > kind of DoS attack from a program running under your UID (it could steal > you tokens or insert an unlimited number of tokens) on your make run. This > seems actually not a something to worry about. > > harti They can't add tokens, mkfifo() will fail with EEXITS. Max
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?428A24AE.2050207>