Re: Secure temporary fifo creation
Greg Deitrick <gdeitrick@mylinuxisp.com> writes:
> Hello,
>
> What is the recommended method for securely creating a temporary named pipe in
> C code?
>
> Looking at the man pages for various library calls it appears that tmpfile(3)
> is probably an acceptable means of creating a temporary file, but this
> returns a FILE *. The upstram source I'm packaging needs to make a temporary
> fifo. It uses tempnam(3) to get a temporary file name as a char *, and then
> mkfifo(3) to make the fifo named pipe from the file name. Is this
> sufficiently secure?
Not needed... This should be race-free:
char *s;
while (s = (tempnam("/tmp", "foo")) {
if (mknod(s, S_IFIFO|0600, 0) == 0)
break;
if (errno != EEXIST)
/* error */
}
if (!s)
/* error */
You might want to use tmpnam if maximum portability is needed.
Phil.
Reply to: