From: aidan@velvet.net (Aidan Skinner)
Subject: Re: ACT announces availability of GNAT 3.14p
Date: Mon, 11 Feb 2002 16:49:10 +0000 (UTC)
Date: 2002-02-11T16:49:10+00:00 [thread overview]
Message-ID: <slrna6ftg6.qji.aidan@crushed.velvet.net> (raw)
In-Reply-To: XLQoaxSGta64@eisner.encompasserve.org
On 11 Feb 2002 10:19:46 -0600, Larry Kilgallen <Kilgallen@SpamCop.net>
wrote in <XLQoaxSGta64@eisner.encompasserve.org>:
> as to provide more protection. But attempting to make the default
> use of /tmp by an Ada program more secure than the default use of /tmp
> by a shell script will be effective only if you also prevent use of
> /tmp by shell scripts.
AIUI the problem is GNAT calling the mktemp(3) function to create it's
temporary file, which does not do a check for file existence and
creation in an atomic manner (ie. I can create a symlink with very
careful timing and clobber say, /etc/passwd).
The mkstemp(3) call does this check in an atmoic manner, thereby
avoiding the problem.
Shell scripts should use the mktemp(1) command to create temporary
files, which (on OpenBSD 2.9 and FreeBSD 4.5) uses the mkstemp(3)
library call and are thus OK from this perspective. I don't have
access to any other *nix boxes to check what they do.
- Aidan
--
aidan@velvet.net http://www.velvet.net/~aidan/ aim:aidans42
finger for pgp key fingerprint: |-----------------------------
01AA 1594 2DB0 09E3 B850 | The lurkers support me in
C2D0 9A2C 4CC9 3EC4 75E1 | email
next prev parent reply other threads:[~2002-02-11 16:49 UTC|newest]
Thread overview: 51+ messages / expand[flat|nested] mbox.gz Atom feed top
2002-01-31 2:49 ACT announces availability of GNAT 3.14p Robert Dewar
2002-02-03 8:07 ` Leon Winslow
2002-02-03 10:56 ` Dmitry A. Kazakov
2002-02-03 14:18 ` Robert Dewar
2002-02-03 14:46 ` Samuel Tardieu
2002-02-03 19:53 ` Robert Dewar
2002-02-03 13:13 ` Larry Kilgallen
2002-02-03 13:47 ` Jeffrey Creem
2002-02-03 14:11 ` Robert Dewar
2002-02-03 16:50 ` Pascal Obry
2002-02-17 5:37 ` jim
2002-02-17 11:20 ` Pascal Obry
2002-02-04 14:13 ` Stephen Leake
2002-02-04 16:07 ` Stephen Leake
2002-02-04 17:18 ` Darren New
2002-02-04 18:36 ` Preben Randhol
2002-02-04 19:08 ` Pascal Obry
2002-02-06 21:36 ` Karl Ran
2002-02-07 8:15 ` Preben Randhol
2002-02-07 15:06 ` Stephen Leake
2002-02-08 1:09 ` Robert Dewar
2002-02-08 11:23 ` John English
2002-02-08 12:33 ` Georg Bauhaus
2002-02-10 18:22 ` Robert Dewar
2002-02-10 18:53 ` Matthew Woodcraft
2002-02-12 12:14 ` John English
2002-02-08 17:10 ` Stephen Leake
2002-02-10 9:26 ` Florian Weimer
2002-02-10 10:07 ` Florian Weimer
2002-02-10 9:26 ` Florian Weimer
2002-02-10 18:38 ` Robert Dewar
2002-02-10 19:23 ` Florian Weimer
2002-02-10 21:55 ` Robert Dewar
2002-02-10 22:05 ` Florian Weimer
2002-02-11 12:36 ` Robert Dewar
2002-02-11 15:09 ` Florian Weimer
2002-02-11 16:19 ` Larry Kilgallen
2002-02-11 16:49 ` Aidan Skinner [this message]
2002-02-11 19:16 ` Florian Weimer
2002-02-11 19:36 ` Larry Kilgallen
2002-02-12 2:18 ` Robert Dewar
2002-02-12 21:10 ` Florian Weimer
2002-02-12 21:59 ` Larry Kilgallen
2002-02-11 18:55 ` Samuel Tardieu
2002-02-12 14:47 ` Karl Ran
2002-02-12 15:28 ` Aidan Skinner
2002-02-12 15:51 ` David C. Hoos
2002-02-12 15:40 ` Florian Weimer
-- strict thread matches above, loose matches on Subject: below --
2002-01-31 8:22 Christoph Grein
2002-02-10 18:32 ` Robert Dewar
[not found] <0d3401c1b3dd$25df9ac0$453ab4d8@sy.com>
2002-02-12 15:47 ` Aidan Skinner
replies disabled
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox