tech-userlevel archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: A couple of questions

On Fri, Nov 02, 2012 at 06:45:43PM -0700, Paul Goyette wrote:
> 1. The kern/mqueue test currently contains a hard-coded pathname for the 
> name of the message_queue.  It seems to me that it would be more correct 
> to use mktemp(3), except that that leads to possible race conditions (as 
> noted in the mktemp(3) man page).  While there is an mkstemp(3) for use 
> with normal files, it's not clear how you would "convert" the returned 
> file descriptor to a message_queue descriptor.  If anyone has any clue, 
> it would be appreciated.

Seriously -- while the old saying goes that all tests should be as high
quality as the production code -- I am not sure we can follow this fine
principle with tests(7). I can only assume that e.g. inducing root to run
the tests would reveal numerous potential vulnerabilities. Yet, several of
the reproducable bugs we've found are only available to the root, even with
rump and all.

- Jukka.

Home | Main Index | Thread Index | Old Index