Re: [Fwd: Etch's and Lenny's mktemp seriously broken]
On 2008-08-16 13:44 +0200, Tzafrir Cohen wrote:
> On Fri, Aug 15, 2008 at 10:56:06PM +0200, Sven Joachim wrote:
>> It opens precisely the can of worms that mktemp was supposed to close,
>> see the mktemp(1) and mktemp(3) manpages. Look for "symlink attack" in
>> your preferred Web search engine.
>
> And what BadThings happen due to that unlink?
An attacker may recreate the file as a symlink to some other file whose
contents will be overwritten when your shell script later writes to it.
Sven
Reply to: