Bugtraq mailing list archives

Re: Tempfile vulnerabilities


From: nbm () MITHRANDR MORIA ORG (Neil Blakey-Milner)
Date: Wed, 2 Feb 2000 12:50:14 +0200


On Mon 2000-01-31 (23:55), Grant Taylor wrote:

   sub get_tmpfile {
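       my ($file, $foo);
       do {
         # "or" binds looser than "||", so a failed open actually reaches die
         open(RAN, "/dev/random") or die "open /dev/random: $!";
         read(RAN,$foo,16);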
         close RAN;
         $file = '/tmp/autobuse' . unpack('H16',$foo);
       } while (-e $file || -l $file);

       return $file;
   }

This method is Linux-specific, but that's all I need.  The fixed
autobuse is available at http://www.picante.com/~gtaylor/autobuse/

Note that Autobuse has, as far as I know, zero users (including me).
If I am wrong about this, please let me know!

I was about to suggest using mkstemp() from File::MkTemp, available
on CPAN, until I noticed that this mkstemp doesn't seem to use
O_CREAT and O_EXCL from Fcntl nor does it chmod 600 or similar.

It uses:

   $template = mktemp(@_);

   $openup = File::Spec->catfile($_[1], $template);

   $fh = new FileHandle ">$openup";  #and say ahhh.

   croak("Could not open file: $openup")
      unless(defined $fh);

   return($fh);

Which seems to be just as bad as using mktemp, and then opening a
file, with the usual race conditions.  Considering the general
feeling about the "mkstemp" concept, this implementation isn't
quite there.

Neil

--
Neil Blakey-Milner
nbm () rucus ru ac za
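
The behaviour the message above says File::MkTemp's mkstemp lacks (creation with O_CREAT and O_EXCL from Fcntl, and mode 0600 at creation time), as an added example that is not part of the original post, of autobuse or of File::MkTemp. The helper names `open_excl` and `safe_tmpfile`, the `example-` prefix and the use of /dev/urandom are assumptions made for illustration.

```perl
use strict;
use warnings;
use Fcntl qw(O_RDWR O_CREAT O_EXCL);

# Hypothetical helper: create and open in a single system call.
# O_CREAT|O_EXCL makes open(2) fail with EEXIST if anything already sits at
# $path, including a symlink (dangling or not); 0600 is applied at creation.
sub open_excl {
    my ($path) = @_;
    sysopen(my $fh, $path, O_RDWR | O_CREAT | O_EXCL, 0600) or return;
    return $fh;
}

# Hypothetical helper: pick random names until open_excl() succeeds.
sub safe_tmpfile {
    my ($dir, $prefix) = @_;
    for (1 .. 100) {
        open(my $rnd, '<', '/dev/urandom') or die "open /dev/urandom: $!\n";
        binmode $rnd;
        my $bytes = '';
        my $got = read($rnd, $bytes, 8);
        close $rnd;
        die "short read from /dev/urandom\n" unless defined $got && $got == 8;

        my $path = "$dir/$prefix" . unpack('H16', $bytes);   # 16 hex digits
        my $fh = open_excl($path);
        return ($fh, $path) if $fh;
        die "sysopen $path: $!\n" unless $!{EEXIST};   # retry only on a name collision
    }
    die "no free name in $dir after 100 attempts\n";
}

# Demonstration with constructed names under /tmp.
my ($fh, $path) = safe_tmpfile('/tmp', 'example-');
printf "created %s with mode %04o\n", $path, (stat $fh)[2] & 07777;

# A symlink already present at the requested name is refused, not followed.
my $link = "$path.lnk";
symlink("$path.does-not-exist", $link) or die "symlink: $!\n";
my $fh2 = open_excl($link);
my $refused = (!$fh2 && $!{EEXIST}) ? "yes" : "no";
print "pre-existing symlink refused: $refused\n";

close $fh;
unlink $path, $link;
```

The caller gets back the open handle along with the name, so nothing has to reopen the file by path after the existence check.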


