On Sun, May 16, 2004 at 09:30:10PM -0500, Greg Deitrick wrote: > What is the recommended method for securely creating a temporary named pipe > in > C code? > > Looking at the man pages for various library calls it appears that tmpfile(3) > is probably an acceptable means of creating a temporary file, but this > returns a FILE *. The upstram source I'm packaging needs to make a temporary > fifo. It uses tempnam(3) to get a temporary file name as a char *, and then > mkfifo(3) to make the fifo named pipe from the file name. Is this > sufficiently secure? Should I post this to debian-security?
That method has exactly the same risks as taking no precautions at all, since tmpfile(3) deletes the file after opening it. Use mkdtemp(3) followed by mknod(2). -- - mdz
