Bugtraq mailing list archives
Re: another /tmp race: `perl -e' opens temp file not safely
From: deraadt () CVS OPENBSD ORG (Theo de Raadt)
Date: Sun, 8 Mar 1998 15:56:16 -0700
If a lot of third party programs mktemp() and then fopen (..., "w") and it is easy to make mktemp() work more securily (i.e., securily for non-setgid programs) _why_ not do it? It's no trick, it will work as it did earlier. It is not going to break anything. It does not contradict to any standards, I guess, too.
But it is so trivial to fix code: FILE *fp = NULL; int fd = -1; char *nam = strdup("/tmp/fooXXXXXXXXXX"); if (nam == NULL) return (NULL); if ((fd = mkstemp(nam)) == -1) { close(fd); free(nam); return (NULL); } if ((fp = fdopen(fd, "w+")) != NULL) { free(nam); return (fp); } close(fd); unlink(nam); free(nam); return (NULL); etc etc whatever. It's just code like that; if anyone doesn't understand how it works perhaps they shouldn't be working in security 'cause they are never going to be able to ensure they are writing secure code themselves.
However, what you are doing is just making _your_ code correct. I don't see that it's anything specifically related to security:
Uhm, those are exactly the same thing. Correct code does not have unwanted side effects. It doesn't have unwanted side effects like buffer overflows which permit code to be run off the stack. Secure code does what it needs to do correctly, and nothing more. So why don't people fix code so that it is correct? Or, why don't people learn how to write correct code first?
Current thread:
- another /tmp race: `perl -e' opens temp file not safely stanislav shalunov (Mar 07)
- Re: another /tmp race: `perl -e' opens temp file not safely Dennis Taylor (Mar 07)
- Re: another /tmp race: `perl -e' opens temp file not safely Theo de Raadt (Mar 07)
- Re: another /tmp race: `perl -e' opens temp file not safely stanislav shalunov (Mar 07)
- Re: another /tmp race: `perl -e' opens temp file not safely Theo de Raadt (Mar 07)
- Re: another /tmp race: `perl -e' opens temp file not safely stanislav shalunov (Mar 08)
- Re: another /tmp race: `perl -e' opens temp file not safely Theo de Raadt (Mar 08)
- r00t Advisory [ LitterMaid Race Condition ] X (Mar 07)
- Re: another /tmp race: `perl -e' opens temp file not safely stanislav shalunov (Mar 08)
- Re: another /tmp race: `perl -e' opens temp file not safely Theo de Raadt (Mar 08)
- Updated list of crypto and security courses Avi Rubin (Mar 09)
- *sigh* another RH5 /tmp problem Mark A. Spencer (Mar 09)
- Re: *sigh* another RH5 /tmp problem Erik Troan (Mar 10)
- Re: Linux libc5 'bug' in mkstemp(). Andreas Jaeger (Mar 10)
- Re: another /tmp race: `perl -e' opens temp file not safely stanislav shalunov (Mar 07)
- Linux libc5 'bug' in mkstemp(). Greg Alexander (Mar 09)
- Re: Linux libc5 'bug' in mkstemp(). Casper Dik (Mar 10)
- Re: Plaintext passwords in Chase Online Banking dorqus maximus (Mar 08)