Re: Bug#20241: Timezones should depend on debian-utils
Hi,
>>"Joey" == Joey Hess <joey@kitenet.net> writes:
Joey> Manoj Srivastava wrote:
>> (though my toruous shell script can serve to be a poor mans
>> tempfile if tempfile is not available.)
Joey> Not on my system, it can't! It has a race condition. As you
Joey> yourself said:
Oh, simmer down, will ya. Nobody said to replace tempfile with
my solution, just to use it when tempfile does no exist.
>> The non-tempfile solution is not quite as safe (since a link maybe
>> created ater we test for existence and before we create an empty
>> file, or after we remove and before we create the empty file, but
>> those windows are relatively small.
Joey> Yes, you have a race condition there. And yes, similar race
Joey> conditions have been successfully exploited.
Where? Have you seen the exploitation mentioned somewhere, or
is this wishful thinking? I have seeen how the race conditions are
exploited. This is not one of them. Have you really looked at thi, or
is this a knee jerk reaction?
Joey> It doesn't matter how small the window is.
Heh. And you run UNIX?
Joey> A safe way to make a /tmp file:
Joey> mkdir /tmp/tmpdir || {
>> You can replace this with something else if you like, perhaps
>> something that tries another directory name.
Joey> echo unable to create temporary directory. Giving up. exit 1
>>
Joey> tmpfile=/tmp/tmpdir.$$/tmpfile
Joey> mkdir will abort if /tmp/tmpdir.$$ alreay exists, and is atomic
Joey> so it cannot be raced. (Warning: I am not a security
Joey> expert. However, I've seen this explained several times in the
Joey> past and I'm pretty sure this is the proper way to do it.)
This suffers from more of a window than my method does.
rm -f $TEMPFILE && touch $TEMPFILE is safer than this.
manoj
who does happen to be a security expert
--
He that we last as Thurn and Taxis knew Now recks no lord but the
stilletto's Thorn, And Tacit lies the gold once-knotted horn. No
hallowed skein of stars can ward, I trow, Who's once been set his
tryst with Trystero. Richard Whorfinger, "The Courier's Tragedy"
Manoj Srivastava <srivasta@acm.org> <http://www.datasync.com/%7Esrivasta/>
Key C7261095 fingerprint = CB D9 F4 12 68 07 E4 05 CC 2D 27 12 1D F5 E8 6E
--
To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: