[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: CVE-2008-5378: possible symlink attacks


Andreas Tille wrote:
>   2. Make the temp file save against symlink attacks.  The question
>      I have for this case which should probably be prefered is: How
>      can I savely teach an independent script about the PIDs of a
>      crashed program that should be stopped.  I think random file names
>      will not really work here or do I miss something?
How about using mkstemp with a prefix containing the pid (i.e. template
foo_$PID_XXXXXX) and have other programs discard the random part. The
main thing here is that he file must be created in a way that ensures
the file to be created does not exist, not that it must not contain a
By the way, if you permit the nitpicking: "random file name" may be true
for efficiency reasons, but the security aspect reaches beyond that (by
excluding that the filename to be created is used by chance), so it's
best not to think about "file with a safe name", but about "safely
created file".

Kind regards

Thomas Viehmann, http://thomas.viehmann.net/

Reply to: