Re: Secure temporary fifo creation

To: debian-security@lists.debian.org
Subject: Re: Secure temporary fifo creation
From: George Georgalis <george@galis.org>
Date: Mon, 17 May 2004 21:19:24 -0400
Message-id: <[🔎] 20040518011924.GD19161@trot.local>
In-reply-to: <[🔎] 200405171945.17148.gdeitrick@mylinuxisp.com>
References: <[🔎] 200405171945.17148.gdeitrick@mylinuxisp.com>

On Mon, May 17, 2004 at 07:45:17PM -0500, Greg Deitrick wrote:
>Hello,
>
>What is the recommended method for securely creating a temporary named pipe in 
>C code?
>
>Looking at the man pages for various library calls it appears that tmpfile(3) 
>is probably an acceptable means of creating a temporary file, but this 
>returns a FILE *.  The upstram source I'm packaging needs to make a temporary 
>fifo.  It uses tempnam(3) to get a temporary file name as a char *, and then 
>mkfifo(3) to make the fifo named pipe from the file name.  Is this 
>sufficiently secure?

I'm not a c programmer but I think I understand the problem. You could
create a temp directory and a temp file, create the fifo in the temp dir
then move it to the temp file and remove the temp dir -- Which might be
better then the delay between getting the filename and making the fifo.

I assumed a temp dir is as easy to make as a tmp file in c, but I cannot
find how. Is it possible to make a temp file then change its file
descriptor to a fifo?

// George

-- 
George Georgalis, Architect and administrator, Linux services. IXOYE
http://galis.org/george/  cell:646-331-2027  mailto:george@galis.org
Key fingerprint = 5415 2738 61CF 6AE1 E9A7  9EF0 0186 503B 9831 1631

Reply to:

References:
- Secure temporary fifo creation
  - From: Greg Deitrick <gdeitrick@mylinuxisp.com>

Prev by Date: Secure temporary fifo creation
Next by Date: Re: Secure temporary fifo creation
Previous by thread: Secure temporary fifo creation
Next by thread: Re: Secure temporary fifo creation
Index(es):
- Date
- Thread