Re: Secure temporary fifo creation

[Goswin von Brederlow <brederlo@informatik.uni-tuebingen.de>]

Philippe Troin <phil@fifi.org> writes:

> Greg Deitrick <gdeitrick@mylinuxisp.com> writes:
>
>> Hello,
>> 
>> What is the recommended method for securely creating a temporary named pipe in 
>> C code?
>> 
>> Looking at the man pages for various library calls it appears that tmpfile(3) 
>> is probably an acceptable means of creating a temporary file, but this 
>> returns a FILE *.  The upstram source I'm packaging needs to make a temporary 
>> fifo.  It uses tempnam(3) to get a temporary file name as a char *, and then 
>> mkfifo(3) to make the fifo named pipe from the file name.  Is this 
>> sufficiently secure?
>
> Not needed... This should be race-free:
>
>   char *s;
>   while (s = (tempnam("/tmp", "foo")) {
>     if (mknod(s, S_IFIFO|0600, 0) == 0)
>       break;
>     if (errno != EEXIST)
>       /* error */
>   }
>   if (!s)
>     /* error */

What happens if the 'tempnam' is a link to somehwere else? Does mknod
fail or create the fifo where the link points too?

> You might want to use tmpnam if maximum portability is needed.
>
> Phil.

MfG
        Goswin