Subject: Re: CVS commit: src/usr.sbin/lpr/lpd
To: matthew green <email@example.com>
From: Jaromir Dolecek <jdolecek@NetBSD.org>
Date: 12/02/2005 19:50:45
On Mon, Nov 28, 2005 at 08:38:28AM +1100, matthew green wrote:
> On Mon, Nov 28, 2005 at 08:27:31AM +1100, matthew green wrote:
> > Log Message:
> > the mktemp() use here is not OK, adjust comment
> > how is it not safe?
> There is a race between mktemp() call and actually creating the
> temporaty file, isn't there? Both mktemp() usages are quite easily
> convertible to mkstemp(), BTW.
> what race? the file is created in a protected directory.
> mkstemp() is probably the right answer, but this code isn't currently
> unsafe as far as i can tell.
Yeah, it's being created in print spool directory, so it's not
a general security issue.
However, it's unsafe versus parallelly running printing jobs.
Though I'm not sure if that could actually happen (does lpd run more
then one printing job at any time), it's still a potential problem.
Jaromir Dolecek <jdolecek@NetBSD.org> http://www.NetBSD.cz/
-=- We can walk our road together if our goals are all the same; -=-
-=- We can run alone and free if we pursue a different aim. -=-