Subject: Re: Per-user temp storage
To: Perry E. Metzger <firstname.lastname@example.org>
From: David Brownlee <email@example.com>
Date: 02/24/1997 20:25:09
On Mon, 24 Feb 1997, Perry E. Metzger wrote:
> > It would help if at least source in the tree used mkstemp() rather
> > than mktemp(), tmpnam(), tempnam().
> > Maybe add a warning for the above functions in a similar fashion
> > to 'gets()' - I believe OpenBSD did something like that a while
> > back.
> This is certainly useful, but it doesn't solve the "play with symlinks
> and deep directories during nightly find" problem.
Very much agreed - its a solution to some of the problems, and
it encourages good practice. Code should not be using mktemp() &
friends because even if NetBSD does 'wierd' things with /tmp, if
someone compiles up that code on another system they're wide open.
The earlier suggested changes to /tmp semantics also provide no
protection against the symlink attack on a nightly find, but
presumably that could be countered by changing find to maintain
a 'stack' of the inode numbers of each directory it chdir()s
into & stat()ing on the way back down, plus the usual combination
of lstat() & fstat() on the way up. There is a performance
penalty, but to paraphrase an old saying
"fast, secure, cheap - choose two"
Microsoft: Asks you where you want to go. NetBSD gets you there.
System Manager: Southern Studios Ltd, PO Box 59, London N22 1AR.
System Admin: MHM Internet, 14 Barley Mow Passage, Chiswick, London W4 4PH.
SysOP: Monochrome, Largest UK Internet BBS - 'telnet mono.org'.