
LYNX-DEV Re: ...vulnerability in Lynx...


From: Klaus Weide
Subject: LYNX-DEV Re: ...vulnerability in Lynx...
Date: Wed, 7 May 1997 13:03:02 -0500 (CDT)

On Wed, 7 May 1997, Scott McGee (Personal) wrote:

> OK, let me jump into the foray here.
> 
> How about doing the following:
> 
> define a symbol (has_mkstemp) based on the availability of this function
> use code like this:
> 
> #if has_mkstemp
>   <use mkstemp to create filename and open file>
> #else
>   <use mktemp to create filename>
>   <open file>
> #endif
>   <continue>
[...]
This doesn't seem to adapt well to the way Lynx uses many of its
temporary files.  Files are created and written and closed; then opened
for reading in totally different modules.  After that they may have to
be read multiple times, in an unpredictable pattern (depends on what the
user does).  And then they may be opened for (over)writing again, which
will automatically ensure that there aren't multiple versions of a
"History List" temp file around.

The different modules pass the file only as a filename (or URL) between
each other, not as a (FILE *).  Modifying this would require some major
restructuring.  The "security" of mkstemp() seems to rely on files
being passed as open FILE pointers, and filenames not being reused.  (Of
course I may be missing something obvious here...)

Also some things require the temp file to have a specific ending (like
".html" or ".txt") to work correctly.  Something mkstemp() cannot do,
since it wants to modify the *last* six filename characters.

Maybe all this can be modified, but simply saying "just use mkstemp()"
doesn't get us very far.  IMHO, AFAICT.

Are you volunteering? :)

   Klaus
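
The two constraints raised in this message (a temp file that must end in ".html" or ".txt", and files that are reopened by name from other modules), as an added C example that is not part of the original message or of Lynx's source. The helper names `temp_with_suffix` and `reopen_checked` are hypothetical, and the code assumes a POSIX system with /dev/urandom and O_NOFOLLOW.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L   /* for O_NOFOLLOW, snprintf */
#endif
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper: create <dir>/L<random><suffix> as a new file.
 * O_CREAT|O_EXCL is atomic and fails if the name already exists (even as
 * a dangling symlink), the same guarantee mkstemp() gives, but the random
 * part is not forced to be the last six characters.
 * Returns an open fd and fills `path`, or returns -1. */
int temp_with_suffix(const char *dir, const char *suffix, char *path, size_t len)
{
    int fd = -1, rnd = open("/dev/urandom", O_RDONLY);
    if (rnd < 0) return -1;
    for (int tries = 0; tries < 100 && fd < 0; tries++) {
        unsigned long long r;
        if (read(rnd, &r, sizeof r) != (ssize_t)sizeof r) break;
        int n = snprintf(path, len, "%s/L%016llx%s", dir, r, suffix);
        if (n < 0 || (size_t)n >= len) break;          /* name would not fit */
        fd = open(path, O_WRONLY | O_CREAT | O_EXCL, 0600);
        if (fd < 0 && errno != EEXIST) break;          /* retry only on collision */
    }
    close(rnd);
    return fd;
}

/* Hypothetical helper for the "passed around as a filename" case: reopen by
 * name, refuse a symlink in the final path component, and check on the open
 * descriptor that it is still the regular file we created (same device and
 * inode as `orig`, owned by us).
 * Do not pass O_TRUNC: it would take effect before the checks run. */
int reopen_checked(const char *path, int flags, const struct stat *orig)
{
    struct stat now;
    int fd = open(path, flags | O_NOFOLLOW);
    if (fd < 0) return -1;
    if (fstat(fd, &now) != 0 || !S_ISREG(now.st_mode) ||
        now.st_uid != geteuid() ||
        now.st_dev != orig->st_dev || now.st_ino != orig->st_ino) {
        close(fd);
        return -1;
    }
    return fd;
}
```

To overwrite an existing temp file, reopen it with O_WRONLY and call ftruncate() once the checks have passed. The caller keeps the `struct stat` from fstat() on the descriptor returned at creation and passes it along with the filename.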
