[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#20241: Timezones should depend on debian-utils

Hi,
>>"Joey" == Joey Hess <joey@kitenet.net> writes:

Joey> Manoj Srivastava wrote:
>> (though my toruous shell script can serve to be a poor mans
>> tempfile if tempfile is not available.)

Joey> Not on my system, it can't! It has a race condition. As you
Joey> yourself said:

	Oh, simmer down, will ya. Nobody said to replace tempfile with
 my solution, just to use it when tempfile does no exist.


>> The non-tempfile solution is not quite as safe (since a link maybe
>> created ater we test for existence and before we create an empty
>> file, or after we remove and before we create the empty file, but
>> those windows are relatively small.

Joey> Yes, you have a race condition there. And yes, similar race
Joey> conditions have been successfully exploited.

	Where? Have you seen the exploitation mentioned somewhere, or
 is this wishful thinking?  I have seeen how the race conditions are
 exploited. This is not one of them. Have you really looked at thi, or
 is this a knee jerk reaction?

Joey> It doesn't matter how small the window is.

	Heh. And you run UNIX? 

Joey> A safe way to make a /tmp file:

Joey> mkdir /tmp/tmpdir || {
>> You can replace this with something else if you like, perhaps
>> something that tries another directory name.
Joey> echo unable to create temporary directory. Giving up. exit 1
>>
Joey> tmpfile=/tmp/tmpdir.$$/tmpfile

Joey> mkdir will abort if /tmp/tmpdir.$$ alreay exists, and is atomic
Joey> so it cannot be raced. (Warning: I am not a security
Joey> expert. However, I've seen this explained several times in the
Joey> past and I'm pretty sure this is the proper way to do it.)

	This suffers from more of a window than my method does. 
 rm -f $TEMPFILE && touch $TEMPFILE is safer than this.

	manoj
 who does happen to be a security expert
-- 
 He that we last as Thurn and Taxis knew Now recks no lord but the
 stilletto's Thorn, And Tacit lies the gold once-knotted horn. No
 hallowed skein of stars can ward, I trow, Who's once been set his
 tryst with Trystero. Richard Whorfinger, "The Courier's Tragedy"
Manoj Srivastava  <srivasta@acm.org> <http://www.datasync.com/%7Esrivasta/>
Key C7261095 fingerprint = CB D9 F4 12 68 07 E4 05  CC 2D 27 12 1D F5 E8 6E


--
To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: