On Wed, 12 Jun 2002, Muli Ben-Yehuda wrote:

> Using a secure, private directory was indeed the answer. Thanks to
> everyone who replied. The code, for the curious, is available at
> 
> http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/syscalltrack/syscalltrack/tests/tester.c?rev=1.25&content-type=text/vnd.viewcvs-markup
> Look for dir_cleanup() and dir_setup(). Let me know if you poke any
> holes in it ;)

one thing i always question - how do you erase elements from a container
you're currently scanning?

in your 'dir_cleanup' code, you seem to be erasing file entries in the
directory while you scan it. i do not know how this works - the man page
does not say anything against this, as far as i can see. however, i do not
trust such code. i usually prefer reading in all the info into memory (i
see 'scandir' can do just that), and then go on erasing it.

perhaps it's best to look at the code of 'rm -r' to make sure. or even
better, just invoke 'system("/bin/rm -rf testdirpath")'?

you also don't check the permissions of the parent directory of the
directory in which the test is being carried out, in the dir_setup
function - although _perhaps_ this does not matter. here is a scenario:

- the code/binary resides in a user's home dir.
- the test creates a temporary dir, and cd-s into it.
- the original user moves the directory containing the test (rename),
  and then creates a new directory with that name, and a directory with
  the name of the one created by the test program, which is actually a
  symlink to /etc.
- if the test has any full paths in it, then it might cause messes in
  the system.

which is why it's probably best to create the test dir under /tmp, after
verifying that both '/' and '/tmp' belong to root ;)

-- 
guy

"For world domination - press 1,
 or dial 0, and please hold, for the creator." -- nob o. dy
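
The two suggestions in the message above (snapshot the directory with scandir() before deleting, and check that '/' and '/tmp' belong to root before creating the test directory), as an added example that is not the code from tester.c. The function names dir_owned_by, make_test_dir and cleanup_snapshot are hypothetical, and the cleanup assumes a flat directory with no subdirectories.

```c
#define _GNU_SOURCE
#include <dirent.h>
#include <fcntl.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* 1 if path is a real directory (lstat: not a symlink) owned by uid. */
int dir_owned_by(const char *path, uid_t uid)
{
    struct stat st;
    return lstat(path, &st) == 0 && S_ISDIR(st.st_mode) && st.st_uid == uid;
}

/* Create a private 0700 directory from a "/tmp/nameXXXXXX" template, but
 * only after checking that '/' and '/tmp' are root-owned directories. */
char *make_test_dir(char *tmpl)
{
    if (!dir_owned_by("/", 0) || !dir_owned_by("/tmp", 0))
        return NULL;
    return mkdtemp(tmpl);
}

/* Snapshot all names with scandir(), then delete. Every unlink goes through
 * dfd, opened with O_NOFOLLOW, so a directory swapped for a symlink is
 * refused and deletions stay inside the directory that was opened.
 * Returns the number of entries removed, or -1 on error. */
int cleanup_snapshot(const char *dir)
{
    struct dirent **names;
    int removed = 0, failed = 0;
    int dfd = open(dir, O_RDONLY | O_DIRECTORY | O_NOFOLLOW);
    if (dfd < 0)
        return -1;
    int n = scandir(dir, &names, NULL, alphasort);
    for (int i = 0; i < n; i++) {
        const char *s = names[i]->d_name;
        int dot = s[0] == '.' && (s[1] == '\0' || (s[1] == '.' && s[2] == '\0'));
        if (!dot && unlinkat(dfd, s, 0) == 0)
            removed++;
        else if (!dot)
            failed++;
        free(names[i]);
    }
    if (n >= 0)
        free(names);
    close(dfd);
    if (n < 0 || failed || rmdir(dir) != 0)
        return -1;
    return removed;
}
```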

