Subject: Re: mktemp() warning lossage?
To: None <tech-security@NetBSD.ORG, jonathan@NetBSD.ORG>
From: Warner Losh <email@example.com>
Date: 03/24/1997 13:35:58
In message <199703241000.CAA26421@Pescadero.DSG.Stanford.EDU> Jonathan Stone writes:
: Are there races in step 2) that are equivalent to the races that exist
: when using mktemp()? Isn't directory creation ``atomic''?
mkdir is atomic, as is unlink. Their use together isn't, but if mkdir
succeeds, then you know that you own the directory. You still have a
small potential if one of the directories in the path is world
writable (since you can swap out symlinks), so you still have to be a
little careful One directory in this context means any directory
that isn't the last one in the path (eg /tmp doesn't qualify, but