first bunch of patches with mkstemp()

greg andruk gja at meowing.net
Wed Aug 8 09:44:12 UTC 2001


On Tue, Aug 07, 2001 at 03:47:28PM -0700, Russ Allbery wrote:

[on the mktemp thing'
> In both cases, all INN really needs is a temporary filename generator that
> can be completely predictable, since only INN can write to those
> directories.  Correct?

Sure.  It's really just the predictive DoS annoyance that's a possible
problem for those bits of INN, and if that's happening in INN's sandbox
there are much bigger problems to worry about.

It's kind of ridiculous that programs with reasonable uses for mktemp() are
pushed into rolling their own.

> If so, the easiest would probably be to just write a function that does
> only that, and then document that it shouldn't ever be used to create
> temporary files in world-writeable directories (and maybe through some
> checks into the function so that it refuses to generate file names in
> world-writeable directories).

Yep, that's really all that's needed.  Would the perm checks on incoming and
run be more something that innd and rnews should be worrying about when they
start?


More information about the inn-workers mailing list