From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=ham
	autolearn_force=no version=3.4.4
X-Google-Language: ENGLISH,ASCII-7-bit
X-Google-Thread: 103376,9960fa51a4a478af
X-Google-Attributes: gid103376,public
X-Google-ArrivalTime: 2002-02-11 08:50:05 PST
Path: 
 archiver1.google.com!news1.google.com!newsfeed.stanford.edu!news-spur1.maxwell.syr.edu!news.maxwell.syr.edu!dispose.news.demon.net!news.demon.co.uk!demon!crushed.velvet.net!aidan
From: aidan@velvet.net (Aidan Skinner)
Newsgroups: comp.lang.ada
Subject: Re: ACT announces availability of GNAT 3.14p
Date: Mon, 11 Feb 2002 16:49:10 +0000 (UTC)
Organization: Velvet Networks
Message-ID: <slrna6ftg6.qji.aidan@crushed.velvet.net>
References: <5ee5b646.0201301849.4e951bcb@posting.google.com>
 <e7ebd224.0202061336.767f7a9d@posting.google.com>
 <87k7tkkqbo.fsf@deneb.enyo.de> <XLQoaxSGta64@eisner.encompasserve.org>
NNTP-Posting-Host: localhost.velvet.net
X-NNTP-Posting-Host: crushed.velvet.net:62.49.231.23
X-Trace: news.demon.co.uk 1013446196 nnrp-13:1438 NO-IDENT
 crushed.velvet.net:62.49.231.23
X-Complaints-To: abuse@demon.net
NNTP-Posting-Date: Mon, 11 Feb 2002 16:49:10 +0000 (UTC)
User-Agent: slrn/0.9.7.0 (OpenBSD)
Xref: archiver1.google.com comp.lang.ada:19870
Date: 2002-02-11T16:49:10+00:00
List-Id: <comp.lang.ada>

On 11 Feb 2002 10:19:46 -0600, Larry Kilgallen <Kilgallen@SpamCop.net>
wrote in <XLQoaxSGta64@eisner.encompasserve.org>:

>  as to provide more protection.  But attempting to make the default
>  use of /tmp by an Ada program more secure than the default use of /tmp
>  by a shell script will be effective only if you also prevent use of
>  /tmp by shell scripts.

AIUI the problem is GNAT calling the mktemp(3) function to create it's
temporary file, which does not do a check for file existence and
creation in an atomic manner (ie. I can create a symlink with very
careful timing and clobber say, /etc/passwd).

The mkstemp(3) call does this check in an atmoic manner, thereby
avoiding the problem.

Shell scripts should use the mktemp(1) command to create temporary
files, which (on OpenBSD 2.9 and FreeBSD 4.5) uses the mkstemp(3)
library call and are thus OK from this perspective. I don't have
access to any other *nix boxes to check what they do.

- Aidan
-- 
aidan@velvet.net  http://www.velvet.net/~aidan/  aim:aidans42
finger for pgp key fingerprint: |-----------------------------
01AA 1594 2DB0 09E3 B850        | The lurkers support me in 
C2D0 9A2C 4CC9 3EC4 75E1        | email