Re: Secure temporary fifo creation

To: gdeitrick@mylinuxisp.com
Cc: debian-security@lists.debian.org
Subject: Re: Secure temporary fifo creation
From: Philippe Troin <phil@fifi.org>
Date: 17 May 2004 19:41:07 -0700
Message-id: <[🔎] 87vfiua24c.fsf@ceramic.fifi.org>
In-reply-to: <[🔎] 200405171945.17148.gdeitrick@mylinuxisp.com>
References: <[🔎] 200405171945.17148.gdeitrick@mylinuxisp.com>

Greg Deitrick <gdeitrick@mylinuxisp.com> writes:

> Hello,
> 
> What is the recommended method for securely creating a temporary named pipe in 
> C code?
> 
> Looking at the man pages for various library calls it appears that tmpfile(3) 
> is probably an acceptable means of creating a temporary file, but this 
> returns a FILE *.  The upstram source I'm packaging needs to make a temporary 
> fifo.  It uses tempnam(3) to get a temporary file name as a char *, and then 
> mkfifo(3) to make the fifo named pipe from the file name.  Is this 
> sufficiently secure?

Not needed... This should be race-free:

  char *s;
  while (s = (tempnam("/tmp", "foo")) {
    if (mknod(s, S_IFIFO|0600, 0) == 0)
      break;
    if (errno != EEXIST)
      /* error */
  }
  if (!s)
    /* error */

You might want to use tmpnam if maximum portability is needed.

Phil.

Reply to:

Follow-Ups:
- Re: Secure temporary fifo creation
  - From: Goswin von Brederlow <brederlo@informatik.uni-tuebingen.de>

References:
- Secure temporary fifo creation
  - From: Greg Deitrick <gdeitrick@mylinuxisp.com>

Prev by Date: Re: Secure temporary fifo creation
Next by Date: unsubscribe
Previous by thread: Re: Secure temporary fifo creation
Next by thread: Re: Secure temporary fifo creation
Index(es):
- Date
- Thread