Re: [security question] creating tempfiles
On Wed, 31 Mar 1999, Dirk Eddelbuettel wrote:
> Akim, the a2ps author (whom I've added as a CC here) suggested using
>
> # Create the temporary directory with strict rights
> (umask 077 && mkdir $tmpdir) || exit 1
>
> in /usr/bin/texi2dvi4a2ps. This should be portable, and not require
> tempfile(1) which he can't assume to be present on all systems.
That's nearly the way I also create tempfiles. I prefer the following:
umask 077
tmpdir=${TMPDIR-/tmp}/foo.$$
mkdir $tmpdir || exit 1
trap "rm -rf $tmpdir; exit" 0 1 2 3 15
"foo" is specific for the script creating the tmpdir. Please don't
forget to make the base directory for tmpfiles configureable by
${TMPDIR-/tmp} which is way tempfile(1) and tempnam(3) use, too.
The trap is used to remove the tmpdir when the script terminates (if
you need, you can additionally tunnel the exit value here).
> Could someone kindly try to poke a hole into this? As the temp.
> directory is created with a strict mask in an atomic operation, we
> should be fine.
I hope so.
Ciao
Roland
--
* roland@spinnaker.de * http://www.spinnaker.de/ *
PGP: 1024/DD08DD6D 2D E7 CC DE D5 8D 78 BE 3C A0 A4 F1 4B 09 CE AF
Reply to: