Hi,
Andreas Tille wrote:
> On Mon, 22 Dec 2008, Thomas Viehmann wrote:
>
>> Oh, and if you really care, be sure that it's a regular file (not a
>> symlink pointing to something) owned by yourself before using it as a
>> hint to kill your processes.
>
> Thanks for your hints. I've prepared a patch at
>http://svn.debian.org/wsvn/debian-med/trunk/packages/arb/trunk/debian/patches/tmpfile_CVE-2008-5378.patch?op=file&rev=0&sc=0
The creation of tempfiles in shell looks OK save the processing of the
exit code (unless you set -e or somesuch) and the hardcoding of /tmp,
for the C side, let me quote the manpage (man 3 mktemp):
Never use mktemp().
(This is what I meant with my comment to think about securely created
filenames instead of files, you need to use mk*s*temp which has
different semantics).
The killing part is also still somewhat wrong, IMO you want something
along the lines of
x=$(stat -c '%u %f' x) ; [ "${x%???}" == "$UID 8" ] || echo fail
to test whether it's a regular file that you own (though there is bound
to be a prettier way to verify that, even if [ -f ... ] is not part of it).
Kind regards
T.
--
Thomas Viehmann, http://thomas.viehmann.net/
--
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
