[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [security question] creating tempfiles

On Wed, 31 Mar 1999, Dirk Eddelbuettel wrote:

> Akim, the a2ps author (whom I've added as a CC here) suggested using
>       # Create the temporary directory with strict rights
>       (umask 077 && mkdir $tmpdir) || exit 1
> in /usr/bin/texi2dvi4a2ps. This should be portable, and not require
> tempfile(1) which he can't assume to be present on all systems.

That's nearly the way I also create tempfiles. I prefer the following:

umask 077
mkdir $tmpdir || exit 1
trap "rm -rf $tmpdir; exit" 0 1 2 3 15

"foo" is specific for the script creating the tmpdir. Please don't
forget to make the base directory for tmpfiles configureable by
${TMPDIR-/tmp} which is way tempfile(1) and tempnam(3) use, too.
The trap is used to remove the tmpdir when the script terminates (if
you need, you can additionally tunnel the exit value here).

> Could someone kindly try to poke a hole into this? As the temp.
> directory is created with a strict mask in an atomic operation, we
> should be fine.

I hope so.



 * roland@spinnaker.de * http://www.spinnaker.de/ *
 PGP: 1024/DD08DD6D   2D E7 CC DE D5 8D 78 BE  3C A0 A4 F1 4B 09 CE AF

Reply to: