oss-sec mailing list archives
Re: Fw: Security risk of vim swap files
From: Solar Designer <solar () openwall com>
Date: Wed, 1 Nov 2017 19:12:09 +0100
On Wed, Nov 01, 2017 at 07:02:22PM +0100, Jakub Wilk wrote:
Unfortunately, glibc's implementation of tmpfile(3), which is the most fool-proof interface for dealing with temporary files that the C library offers, doesn't honour TMPDIR. :(
We've been carrying a patch for this for ages: * Sun Dec 07 2003 Solar Designer <solar-at-owl.openwall.com> 2.1.3-owl37 - Allow tmpfile(3) to use $TMPDIR, thanks to the report and patch by (GalaxyMaster). Certain other implementations are known to do the same. diff -uNrp glibc-2.3.2.orig/libio/oldtmpfile.c glibc-2.3.2/libio/oldtmpfile.c --- glibc-2.3.2.orig/libio/oldtmpfile.c 2002-04-08 07:02:09 +0000 +++ glibc-2.3.2/libio/oldtmpfile.c 2004-03-08 08:07:57 +0000 @@ -35,7 +35,7 @@ __old_tmpfile (void) int fd; FILE *f; - if (__path_search (buf, FILENAME_MAX, NULL, "tmpf", 0)) + if (__path_search (buf, FILENAME_MAX, NULL, "tmpf", 1)) return NULL; fd = __gen_tempname (buf, __GT_FILE); if (fd < 0) diff -uNrp glibc-2.3.2.orig/sysdeps/generic/tmpfile.c glibc-2.3.2/sysdeps/generic/tmpfile.c --- glibc-2.3.2.orig/sysdeps/generic/tmpfile.c 2002-06-12 20:57:46 +0000 +++ glibc-2.3.2/sysdeps/generic/tmpfile.c 2004-03-08 08:21:53 +0000 @@ -43,7 +43,7 @@ tmpfile (void) int fd; FILE *f; - if (__path_search (buf, FILENAME_MAX, NULL, "tmpf", 0)) + if (__path_search (buf, FILENAME_MAX, NULL, "tmpf", 1)) return NULL; fd = __gen_tempname (buf, GEN_THIS); if (fd < 0) Alexander
Current thread:
- Re: Fw: Security risk of vim swap files, (continued)
- Re: Fw: Security risk of vim swap files Tim (Oct 31)
- Re: Fw: Security risk of vim swap files Kurt H Maier (Oct 31)
- Re: Fw: Security risk of vim swap files Tim (Oct 31)
- Re: Fw: Security risk of vim swap files Steffen Nurpmeso (Oct 31)
- Re: Fw: Security risk of vim swap files Leonid Isaev (Nov 01)
- Re: Fw: Security risk of vim swap files Simon McVittie (Nov 01)
- Re: Fw: Security risk of vim swap files Tim (Nov 01)
- Re: Fw: Security risk of vim swap files Jeffrey Walton (Nov 01)
- Re: Fw: Security risk of vim swap files Kurt Seifried (Nov 01)
- Re: Fw: Security risk of vim swap files Jakub Wilk (Nov 01)
- Re: Fw: Security risk of vim swap files Solar Designer (Nov 01)
- Re: Security risk of vim swap files Ian Zimmerman (Nov 06)
- Re: Security risk of vim swap files Solar Designer (Nov 06)
- Re: Security risk of vim swap files Jakub Wilk (Nov 06)
- Re: Fw: Security risk of vim swap files Kurt H Maier (Oct 31)
- Re: Fw: Security risk of vim swap files Tim (Oct 31)
- Re: Fw: Security risk of vim swap files Jakub Wilk (Nov 01)
- Re: Fw: Security risk of vim swap files Leonid Isaev (Nov 01)
- Re: Fw: Security risk of vim swap files Jan Pokorný (Nov 01)
- Re: Re: Fw: Security risk of vim swap files Michael Orlitzky (Nov 01)