Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: OSS nice tmp race

From: crispin () CSE OGI EDU (Crispin Cowan)
Date: Sun, 20 Dec 1998 22:53:09 +0000

Joel Eriksson wrote:


There are of course cases where it's not this easy to get rid of the need
for a temporary file, the best way to fix this problem I think would be if
all users had their own private tmp-directory. I have heard of patches
that makes /tmp to a pseudo-directory that is "private" for each user
that may be useful (I think it was for Linux, but I don't think it is
widely spread).

Since programmers keep repeating the old mistakes over and over again, the
responsibility is ultimately the users. One can't check all of the
sourcecode that we compile (at least not as thouroughly that may be
needed), but eliminating the possibility of certain common bugs from
having any dangerous implications is a first step. I think solutions like
StackGuard and the like is of great use when it comes to this.


Thanks for the plug!  Unfortunately, I haven't thought of any StackGuard-like techniques for
treating race conditions.  Matt Bishop's excellent paper on race condtions has some reasons why
race conditions are un-decidable at the compiler level.

Crispin
-----
 Crispin Cowan, Research Assistant Professor of Computer Science, OGI
    NEW:  Protect Your Linux Host with StackGuard'd Programs  :FREE
       http://www.cse.ogi.edu/DISC/projects/immunix/StackGuard/

                 Support Justice:  Boycott Windows 98
Previous By Date Next
Previous By Thread Next

Current thread: