From: Florian Weimer <fw@deneb.enyo.de>
Subject: Re: ACT announces availability of GNAT 3.14p
Date: Tue, 12 Feb 2002 22:10:11 +0100
Date: 2002-02-12T21:10:15+00:00 [thread overview]
Message-ID: <87sn862yq4.fsf@deneb.enyo.de> (raw)
In-Reply-To: 5ee5b646.0202111818.73a4106@posting.google.com
dewar@gnat.com (Robert Dewar) writes:
> I would certainly agree with that. But I remind again, that
> if you are writing high security Ada programs, e.g. those
> running as setuid, you are well advised to stay away from
> anonymous temporary files whose location is not specified
> by the standard in any case.
Funny to see that Robert is spreading misinformation on CLA. ;-)
The problem in GNAT 3.14p and earlier does not only affect setuid
applications, it affects any application which creates temporary
files. Arguing from the Ada standard is of no help here because the
Ada standard does not provide an interface to create temporary files
safely, without race conditions. Furthermore, in GNAT 3.14p, the
location *is* hardwired to /tmp for setuid programs, at least if the
underlying libc is reasonable (which can be checked by examining the
source code).
next prev parent reply other threads:[~2002-02-12 21:10 UTC|newest]
Thread overview: 51+ messages / expand[flat|nested] mbox.gz Atom feed top
2002-01-31 2:49 ACT announces availability of GNAT 3.14p Robert Dewar
2002-02-03 8:07 ` Leon Winslow
2002-02-03 10:56 ` Dmitry A. Kazakov
2002-02-03 14:18 ` Robert Dewar
2002-02-03 14:46 ` Samuel Tardieu
2002-02-03 19:53 ` Robert Dewar
2002-02-03 13:13 ` Larry Kilgallen
2002-02-03 13:47 ` Jeffrey Creem
2002-02-03 14:11 ` Robert Dewar
2002-02-03 16:50 ` Pascal Obry
2002-02-17 5:37 ` jim
2002-02-17 11:20 ` Pascal Obry
2002-02-04 14:13 ` Stephen Leake
2002-02-04 16:07 ` Stephen Leake
2002-02-04 17:18 ` Darren New
2002-02-04 18:36 ` Preben Randhol
2002-02-04 19:08 ` Pascal Obry
2002-02-06 21:36 ` Karl Ran
2002-02-07 8:15 ` Preben Randhol
2002-02-07 15:06 ` Stephen Leake
2002-02-08 1:09 ` Robert Dewar
2002-02-08 11:23 ` John English
2002-02-08 12:33 ` Georg Bauhaus
2002-02-10 18:22 ` Robert Dewar
2002-02-10 18:53 ` Matthew Woodcraft
2002-02-12 12:14 ` John English
2002-02-08 17:10 ` Stephen Leake
2002-02-10 9:26 ` Florian Weimer
2002-02-10 10:07 ` Florian Weimer
2002-02-10 9:26 ` Florian Weimer
2002-02-10 18:38 ` Robert Dewar
2002-02-10 19:23 ` Florian Weimer
2002-02-10 21:55 ` Robert Dewar
2002-02-10 22:05 ` Florian Weimer
2002-02-11 12:36 ` Robert Dewar
2002-02-11 15:09 ` Florian Weimer
2002-02-11 16:19 ` Larry Kilgallen
2002-02-11 16:49 ` Aidan Skinner
2002-02-11 19:16 ` Florian Weimer
2002-02-11 19:36 ` Larry Kilgallen
2002-02-12 2:18 ` Robert Dewar
2002-02-12 21:10 ` Florian Weimer [this message]
2002-02-12 21:59 ` Larry Kilgallen
2002-02-11 18:55 ` Samuel Tardieu
2002-02-12 14:47 ` Karl Ran
2002-02-12 15:28 ` Aidan Skinner
2002-02-12 15:51 ` David C. Hoos
2002-02-12 15:40 ` Florian Weimer
-- strict thread matches above, loose matches on Subject: below --
2002-01-31 8:22 Christoph Grein
2002-02-10 18:32 ` Robert Dewar
[not found] <0d3401c1b3dd$25df9ac0$453ab4d8@sy.com>
2002-02-12 15:47 ` Aidan Skinner
replies disabled
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox