I am fully aware of the security issues, having already written several helper tools. Stating that a temp text file written to /tmp is a security hole is really stretching it a bit.
NSTemporaryDirectory can't be used because there is no way to specify that path in Packagemaker. I did indeed end up installing a file into tmp and then having my plugin move it.

Sent from my iPod

On May 4, 2009, at 2:05 PM, Kyle Sluder <kyle.slu...@gmail.com> wrote:

> On Sat, May 2, 2009 at 5:07 PM, Fritz Anderson <fri...@manoverboard.org> wrote:
>> For most purposes, it's enough for the plugin to write what it has learned into /tmp, for one of the scripts to act on.
>
> Do not use /tmp. Use NSTemporaryDirectory, which on Leopard is a user-specific directory. Using /tmp opens up a class of security vulnerabilities that might allow code execution in another user's context.
>
> Also, be very careful if you're trying to use temporary files to pass data from a non-privileged to a privileged process. You might introduce a race condition under which a malicious application could escalate its privileges by overwriting the contents of the temporary file between the non-privileged write and the privileged read.
>
> --Kyle Sluder