Re: [PATCH] Use an unique temporary multistrap file and remove it afterwards
On Sat, Jun 25, 2011 at 06:20:17PM +0200, Yann Dirson wrote:
> > Adding the process ID to the temporary multistrap configuration file
> > makes it unique. This allows multiple invocations at the same time.
> > For a multi-user system such as Linux, this is important.
> While it is better than the original, it still allows for attacks -
> using a predictable filename in /tmp is always a security issue, and
> even the PID does make it immune to attacks (google for "tmp symlink
> attack" for details).
Symlink attacks are hardly an issue because in contrast to other
bootstrapping tools polystrap is designed to work without superuser
> Please consider using tempfile(1) for safely getting a temporary file.
That was already done after I was made aware of the issue. Since files
in /tmp are generally a security issue, the tempfile is now created in
the current working directory.
Hope this now makes everybody happy :)
I was also thinking of using something like process substitution from
bash to circumvent the use of any temporary file (or fifo) but the
<(cmd) syntax is sadly bash-only.
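
The temporary-file handling discussed in this thread, as an added example that is not part of the original message or of polystrap's code: an unpredictable, owner-only file created in a chosen directory and removed afterwards, next to the PID-based name for contrast. It uses mktemp(1) (not POSIX, but present on GNU and BSD systems) in place of the tempfile(1) named above; `write_config`, the `multistrap.conf.XXXXXX` template and the function names are hypothetical.

```shell
#!/bin/sh
# Added example, not polystrap's code. write_config, the file-name template
# and the function names below are hypothetical.

write_config() {    # stand-in for generating the multistrap configuration
    printf '# generated multistrap configuration\n'
}

# Create an owner-only file with a random suffix in directory $1 (default:
# current directory) and print its path. mktemp opens the file with
# O_CREAT|O_EXCL, so an existing file or symlink is never reused or followed.
make_private_tmp() {
    mktemp "${1:-.}/multistrap.conf.XXXXXX"
}

# Write the config, run "$@ <tmpfile>", then remove the file, also when the
# script is interrupted. Returns the exit status of the command.
run_with_tmp_config() {
    dir=$1; shift
    tmp=$(make_private_tmp "$dir") || return 1
    trap 'rm -f "$tmp"; exit 1' HUP INT TERM
    status=0
    write_config > "$tmp" && "$@" "$tmp" || status=$?
    rm -f "$tmp"
    trap - HUP INT TERM
    return "$status"
}

# For contrast: a plain ">" redirect to a PID-based name writes through
# whatever already exists at that name. Call only with a scratch directory.
pid_name_follows_link() {
    : > "$1/other-file"
    ln -s "$1/other-file" "$1/multistrap.conf.$$"
    write_config > "$1/multistrap.conf.$$"
    [ -s "$1/other-file" ]    # true: the data landed in other-file
}

# Demo in a constructed scratch directory.
scratch=$(mktemp -d) || exit 1
run_with_tmp_config "$scratch" wc -c
pid_name_follows_link "$scratch" && echo "PID-based name followed the symlink"
rm -rf "$scratch"
```
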