Re: Secure temporary fifo creation

To: Goswin von Brederlow <brederlo@informatik.uni-tuebingen.de>
Cc: gdeitrick@mylinuxisp.com, debian-security@lists.debian.org
Subject: Re: Secure temporary fifo creation
From: Philippe Troin <phil@fifi.org>
Date: 18 May 2004 06:04:36 -0700
Message-id: <[🔎] 871xlhrimz.fsf@ceramic.fifi.org>
In-reply-to: <[🔎] 87zn86gha8.fsf@mrvn.homelinux.org>
References: <[🔎] 200405171945.17148.gdeitrick@mylinuxisp.com> <[🔎] 87vfiua24c.fsf@ceramic.fifi.org> <[🔎] 87zn86gha8.fsf@mrvn.homelinux.org>

Goswin von Brederlow <brederlo@informatik.uni-tuebingen.de> writes:

> Philippe Troin <phil@fifi.org> writes:
> 
> > Not needed... This should be race-free:
> >
> >   char *s;
> >   while (s = (tempnam("/tmp", "foo")) {
> >     if (mknod(s, S_IFIFO|0600, 0) == 0)
> >       break;
> >     if (errno != EEXIST)
> >       /* error */
> >   }
> >   if (!s)
> >     /* error */
> 
> What happens if the 'tempnam' is a link to somehwere else? Does mknod
> fail or create the fifo where the link points too?

It fails... The mknod(2) manpage specifies:

       If pathname already exists, or is  a  symlink,  this  call
       fails with an EEXIST error.

So the above code snippet should be safe.

Phil.

Reply to:

References:
- Secure temporary fifo creation
  - From: Greg Deitrick <gdeitrick@mylinuxisp.com>
- Re: Secure temporary fifo creation
  - From: Philippe Troin <phil@fifi.org>
- Re: Secure temporary fifo creation
  - From: Goswin von Brederlow <brederlo@informatik.uni-tuebingen.de>

Prev by Date: Re: Large, constant incoming traffic
Next by Date: Marek Les is out of the office.
Previous by thread: Re: Secure temporary fifo creation
Next by thread: Re: Secure temporary fifo creation
Index(es):
- Date
- Thread