Re: Secure temporary fifo creation
On Mon, May 17, 2004 at 07:45:17PM -0500, Greg Deitrick wrote:
>Hello,
>
>What is the recommended method for securely creating a temporary named pipe in
>C code?
>
>Looking at the man pages for various library calls it appears that tmpfile(3)
>is probably an acceptable means of creating a temporary file, but this
>returns a FILE *. The upstram source I'm packaging needs to make a temporary
>fifo. It uses tempnam(3) to get a temporary file name as a char *, and then
>mkfifo(3) to make the fifo named pipe from the file name. Is this
>sufficiently secure?
I'm not a c programmer but I think I understand the problem. You could
create a temp directory and a temp file, create the fifo in the temp dir
then move it to the temp file and remove the temp dir -- Which might be
better then the delay between getting the filename and making the fifo.
I assumed a temp dir is as easy to make as a tmp file in c, but I cannot
find how. Is it possible to make a temp file then change its file
descriptor to a fifo?
// George
--
George Georgalis, Architect and administrator, Linux services. IXOYE
http://galis.org/george/ cell:646-331-2027 mailto:george@galis.org
Key fingerprint = 5415 2738 61CF 6AE1 E9A7 9EF0 0186 503B 9831 1631
Reply to: