Re: LYNX-DEV [Fwd: BoS: A vulnerability in Lynx (all versions)]


From: Kari E. Hurtta
Subject: Re: LYNX-DEV [Fwd: BoS: A vulnerability in Lynx (all versions)]
Date: Wed, 7 May 1997 16:24:45 +0300 (EDT)

Hynek Med:
> On Tue, 6 May 1997, Klaus Weide wrote:
> 
> > On Tue, 6 May 1997, Henri Torgemane wrote:
> > 
> > > Subject: LYNX-DEV [Fwd: BoS:       A vulnerability in Lynx (all versions)]
> > > 
> > > Here's something posted yesterday on a security mailing list.
> > > You may want to look at it.
> > 
> > Something like the appended wrapper shell script should prevent this.
> > [ Of course, no guarantees.  Comments?? ]
> 
> Well, it surely works, but I think this should be done from within lynx.
> Lynx should have a function for creating temporary files, that should:
> 
> a) create the file with 600 permissions anyway, to guarantee privacy
> b) pick a very random name for the file
> c) check if the file about to be created isn't already a symlink/hardlink
> d) optionally do all this in a subdirectory with 700 permissions as your
> script suggests
> 
> I don't know any C, does some kind of standard mktemp() function do this
> all? Is it available on all systems?

There is a race condition in mktemp. Quotes from the manual page (of IRIX):

|SYNOPSIS
|     #include <stdio.h>
|
|     char *mktemp (char *template);
|
|     int mkstemp(char *template);
|
|DESCRIPTION
|     Mktemp replaces the contents of the string pointed to by template by a
|     unique file name, and returns the address of template.  The string in
|     template should look like a file name with six trailing Xs; mktemp will
|     replace the Xs with a string that can be used to create a unique file
|     name.
|
|     Mkstemp makes the same replacement to the template but returns a file
|     descriptor for the template file open for reading and writing.  Mkstemp
|     avoids the race between testing whether the file exists and opening it
|     for use.
|
|     The mkstemp routine is from the 4.3BSD standard C library.

/ Kari Hurtta
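The mkstemp-based approach the quoted manual page describes, written out as an added C example that is not code from Lynx or from anyone in this thread; the function names, the umask value and the fstat checks are my assumptions:

```c
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Private temp-file creation along the lines the thread asks for.
 * mkstemp() picks the name and opens it atomically (O_CREAT|O_EXCL),
 * so a symlink or hard link already sitting at that name makes the
 * call fail instead of being followed: there is no test-then-open
 * window as with mktemp() followed by fopen(). The umask is narrowed
 * to 077 for the call so the file is 0600 from its first instant, and
 * fstat() on the open descriptor (not on the name) confirms a regular,
 * unshared file. 'tmpl' must end in XXXXXX and receives the chosen
 * name. Returns the open fd, or -1. (Assumed helper, not Lynx code.) */
int lynx_safe_tmpfile(char *tmpl)
{
    mode_t old = umask(077);
    int fd = mkstemp(tmpl);
    umask(old);
    if (fd < 0)
        return -1;
    struct stat st;
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode)
        || st.st_nlink != 1 || (st.st_mode & 077) != 0) {
        close(fd);
        unlink(tmpl);
        return -1;
    }
    return fd;
}

/* Creates and removes one file under 'dir', returning 1 if the result
 * was a 0600 regular file with a single link, 0 otherwise. */
int lynx_safe_tmpfile_selfcheck(const char *dir)
{
    char path[256];
    struct stat st;
    if (snprintf(path, sizeof path, "%s/lynxXXXXXX", dir) >= (int)sizeof path)
        return 0;
    int fd = lynx_safe_tmpfile(path);
    if (fd < 0)
        return 0;
    int ok = fstat(fd, &st) == 0 && (st.st_mode & 0777) == 0600
             && st.st_nlink == 1;
    close(fd);
    unlink(path);
    return ok;
}
```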