apr-dev mailing list archives

From Joe Orton <jor...@redhat.com>
Subject Re: cvs commit: apr/file_io/netware mktemp.c
Date Wed, 17 Nov 2004 16:22:11 GMT
On Fri, Oct 08, 2004 at 09:52:20PM -0000, Jean-Jacques Clar wrote:
> clar        2004/10/08 14:52:20
> 
>   Modified:    file_io/netware Tag: APR_0_9_BRANCH mktemp.c
>   Log:
>   removed the O_EXCL bit from the passed-in flag to allow create then open on temp file

I just noticed this: it looks like the Netware apr_file_mktemp
implementation is unsafe.  Is there a reason why it doesn't use
apr_file_os_put() given the fd from mkstemp() like the Unix
implementation does?  It's the classic "/tmp race" security issue:

    fd = mkstemp(template);
...
    close(fd);

    /* ### file named by template can be replaced here! ### */

    if ((rv = apr_file_open(fp, template, flags|APR_FILE_NOCLEANUP,

joe
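The close-then-reopen window described in the message above, next to the keep-the-descriptor pattern, as an added example in plain POSIX C; it is not code from the original message or from APR. The file names, `replace_path()` and `uses_created_file()` are hypothetical, and a `rename()` inside the same process stands in for another local user replacing the path.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Stand-in for another local user: put a different file under `path`. */
static int replace_path(const char *path)
{
    char swap[] = "/tmp/mktemp_swap_XXXXXX";     /* constructed sample name */
    int sfd = mkstemp(swap);
    if (sfd < 0) return -1;
    close(sfd);
    if (rename(swap, path) != 0) { unlink(swap); return -1; }
    return 0;
}

/* keep_fd == 0: mkstemp(), close(), reopen by name (the pattern questioned).
 * keep_fd != 0: keep using the descriptor mkstemp() returned.
 * Returns 1 if the descriptor in use after the replacement is the file
 * mkstemp() created, 0 if it is some other file, -1 on error. */
int uses_created_file(int keep_fd)
{
    char path[] = "/tmp/mktemp_demo_XXXXXX";     /* constructed sample name */
    struct stat made, used;
    int rc = -1, fd = mkstemp(path);
    if (fd < 0) return -1;
    if (fstat(fd, &made) == 0) {
        if (!keep_fd) { close(fd); fd = -1; }    /* window opens here */
        if (replace_path(path) == 0) {
            if (!keep_fd) fd = open(path, O_RDWR);   /* trusts the name */
            if (fd >= 0 && fstat(fd, &used) == 0)
                rc = used.st_dev == made.st_dev && used.st_ino == made.st_ino;
        }
    }
    if (fd >= 0) close(fd);
    unlink(path);
    return rc;
}

int main(void)
{
    printf("reopen by name uses created file: %d\n", uses_created_file(0));
    printf("kept descriptor uses created file: %d\n", uses_created_file(1));
    return 0;
}
```

Comparing `st_dev` and `st_ino` from `fstat()` on the two descriptors is what shows that the name no longer refers to the file `mkstemp()` created.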
