[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Nmh-workers] Re: Diffs for replacing mktemp() usage

From: Earl Hood
Subject: Re: [Nmh-workers] Re: Diffs for replacing mktemp() usage
Date: Wed, 3 Feb 2010 08:11:26 -0600

On Wed, Feb 3, 2010 at 2:58 AM, Peter Maydell
<address@hidden> wrote:
> Earl Hood wrote:
>>Even though no one has convinced me that my new functions
>>still contain the race condition security problem,
> There was a URL in the old linked message I provided;
> the problem is in the presence of /tmp/ cleaners (which,
> yes, do exist even if there are problems with them).

I missed the /tmp cleaners.  Yes, that could be an
issue if the cleaner happens to run just as you are
running an nmh command and the cleaner is dumb to
remove the file even if it is recent, and them some
malicious user just happens to be trying to symlink

I'd have to question the skills of the sys admin that
set that up a cleaner that deleted files despite the

My latest changes causes tmp files to be put in
user's mail dir if no template is specified.

Note, looking more at the code, many commands change
the cwd to the user's mail dir.  They then call the
temp file routine (before my changes and after my changes
since I wanted to minimize risk to functionality) so
temp files are created in cwd.

Therefore, for most commands, temp files were already
being placed in the user's mail dir.  Where /tmp was
getting used were calls to m_tmpfil().  Those calls
were replaced with m_mktemp().  In my latest post
of m_mktemp.c, I changed the function so
m_maildir("") will be used instead of /tmp.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]