Hi, Andreas Tille wrote: > 2. Make the temp file save against symlink attacks. The question > I have for this case which should probably be prefered is: How > can I savely teach an independent script about the PIDs of a > crashed program that should be stopped. I think random file names > will not really work here or do I miss something? How about using mkstemp with a prefix containing the pid (i.e. template foo_$PID_XXXXXX) and have other programs discard the random part. The main thing here is that he file must be created in a way that ensures the file to be created does not exist, not that it must not contain a pattern. By the way, if you permit the nitpicking: "random file name" may be true for efficiency reasons, but the security aspect reaches beyond that (by excluding that the filename to be created is used by chance), so it's best not to think about "file with a safe name", but about "safely created file".
Kind regards T. -- Thomas Viehmann, http://thomas.viehmann.net/ -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
