From: Florian Weimer <Florian.Weimer@RUS.Uni-Stuttgart.DE>
Subject: Re: C vs. Ada - strings
Date: 2000/05/09
Date: 2000-05-09T00:00:00+00:00 [thread overview]
Message-ID: <tgaehz23ia.fsf@mercury.rus.uni-stuttgart.de> (raw)
In-Reply-To: 8f2nsf$7eo$1@nnrp1.deja.com
Robert Dewar <robert_dewar@my-deja.com> writes:
[Don't use tmpfile()]
> Now there's FUD if I ever saw it!
Certainly it is, but it is appropriate in this case, I think.
For example, the GNU/Linux implementation of tmpfile() had a race
condition which permitted every local user to open the temporary file,
and this bug was not fixed until GNU libc 2.0.6 (and it is still there
in libc4/libc5). This bug is very hard to spot on a running system
(unless someone is actually exploiting it or you have a system call
logger), and obviously, nobody looked at the source code.
> To the extent that this is an effective argument, it can
> presumably be used for all xxxx :-)
The temporary file generation functions are very critical, many
security breaches (by local users) are due to insecure temporary
files. The problem is very subtle, and you can tell a broken
implementation from a correct one only by looking at the source code
or at a verbose system call trace. In fact, I believe that tmpfile()
is implemented wrong on a number of additional platforms, but I
couldn't check because I neither have source code nor a system call
tracer for these platforms!
--
Florian Weimer Florian.Weimer@RUS.Uni-Stuttgart.DE
University of Stuttgart http://cert.uni-stuttgart.de/
RUS-CERT +49-711-685-5973/fax +49-711-685-5898
http://ca.uni-stuttgart.de:11371/pks/lookup?op=get&search=0xC06EC3B5
next prev parent reply other threads:[~2000-05-09 0:00 UTC|newest]
Thread overview: 74+ messages / expand[flat|nested] mbox.gz Atom feed top
2000-05-02 0:00 C vs. Ada - strings Wes Groleau
2000-05-02 0:00 ` Larry Kilgallen
2000-05-02 0:00 ` Ted Dennison
2000-05-03 0:00 ` Wes Groleau
2000-05-03 0:00 ` Ted Dennison
2000-05-03 0:00 ` Pascal Obry
2000-05-03 0:00 ` Keith Thompson
2000-05-04 0:00 ` Wes Groleau
2000-05-18 0:00 ` Pete
2000-05-18 0:00 ` dale
2000-05-18 0:00 ` Robert A Duff
2000-05-19 0:00 ` dale
2000-05-21 0:00 ` Robert Dewar
2000-05-22 0:00 ` Robert A Duff
2000-05-22 0:00 ` Keith Thompson
2000-05-24 0:00 ` 'img Peter Hermann
2000-05-24 0:00 ` 'img Robert Dewar
2000-05-24 0:00 ` 'img Ted Dennison
2000-05-25 0:00 ` 'img Robert Dewar
2000-05-25 0:00 ` 'img Peter Hermann
2000-05-25 0:00 ` 'img Keith Thompson
2000-05-25 0:00 ` 'img Ted Dennison
2000-05-26 0:00 ` 'img dmitry
2000-05-26 0:00 ` 'img Brian Rogoff
2000-05-26 0:00 ` 'img Robert Dewar
2000-05-26 0:00 ` 'img Robert Dewar
2000-05-19 0:00 ` C vs. Ada - strings Geoff Bull
2000-05-19 0:00 ` mike
2000-05-21 0:00 ` Robert Dewar
2000-06-03 0:00 ` Pete
2000-06-03 0:00 ` Java vs. Ada - strings (was: C vs. Ada - strings) Ted Dennison
2000-06-04 0:00 ` Robert I. Eachus
2000-06-04 0:00 ` Pete
2000-06-04 0:00 ` Jean-Pierre Rosen
2000-06-04 0:00 ` Pete
2000-06-05 0:00 ` Jean-Pierre Rosen
2000-06-05 0:00 ` Ted Dennison
2000-06-05 0:00 ` Marin D. Condic
2000-06-05 0:00 ` David Botton
2000-06-05 0:00 ` Marin D. Condic
2000-06-06 0:00 ` Robert A Duff
2000-06-06 0:00 ` Ken Garlington
2000-06-06 0:00 ` Marin D. Condic
2000-06-03 0:00 ` C vs. Ada - strings Ken Garlington
2000-06-03 0:00 ` Ted Dennison
2000-06-04 0:00 ` Ken Garlington
2000-06-04 0:00 ` Dale Stanbrough
2000-05-04 0:00 ` Ole-Hjalmar Kristensen
2000-05-04 0:00 ` Gautier
2000-05-02 0:00 ` Robert A Duff
2000-05-03 0:00 ` Tarjei T. Jensen
2000-05-03 0:00 ` Charles Hixson
2000-05-04 0:00 ` Robert Dewar
2000-05-04 0:00 ` Charles Hixson
2000-05-06 0:00 ` Tarjei Tj�stheim Jensen
2000-05-03 0:00 ` Wes Groleau
2000-05-03 0:00 ` Tarjei Tj�stheim Jensen
2000-05-03 0:00 ` Ted Dennison
2000-05-04 0:00 ` Robert Dewar
2000-05-04 0:00 ` Hyman Rosen
2000-05-04 0:00 ` Jon S Anthony
2000-05-04 0:00 ` Robert Dewar
2000-05-04 0:00 ` Robert A Duff
2000-05-04 0:00 ` Robert Dewar
2000-05-05 0:00 ` Florian Weimer
2000-05-05 0:00 ` Pascal Obry
2000-05-05 0:00 ` Hyman Rosen
2000-05-06 0:00 ` Tarjei Tj�stheim Jensen
2000-05-06 0:00 ` Florian Weimer
2000-05-07 0:00 ` Robert Dewar
2000-05-09 0:00 ` Florian Weimer [this message]
2000-05-05 0:00 ` Florian Weimer
2000-05-05 0:00 ` Robert Dewar
2000-05-05 0:00 ` Ted Dennison
replies disabled
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox