-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 According to Stefan Behte on 5/18/2009 4:38 AM: > Hi, > > the url http://www.gnu.org/software/coreutils/ says that this is the > appropriate address for feature requests, so I hereby request secure fifo > creation in mktemp, as I've stumbled upon a bug in a software that uses > /tmp/fifo.$$ > I think it would be a very useful feature against symlink attacks on fifos.
Would it be sufficient to rewrite your script to create a secure directory (mktemp -d), then create the fifo within that directory? In which case, you can have a secure fifo without any changes to coreutils? > The information transmitted in this electronic mail message may contain > confidential [As a note of netiquette, it is frowned upon to send emails with these disclaimers which are unenforceable on public mailing lists. Some people refuse to reply on principle, so you are artificially limiting your audience. You may want to consider using a different email account to avoid using your employer's disclaimer.] - -- Don't work too hard, make some time for fun as well! Eric Blake [email protected] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (Cygwin) Comment: Public key at home.comcast.net/~ericblake/eblake.gpg Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkoRTkcACgkQ84KuGfSFAYCOwgCfaP+wNWCQTuoc2JgMlu7uJtaf rpoAn3pnNBh/KuZoS+sOd+Iw0J/1OcDB =lK9e -----END PGP SIGNATURE----- _______________________________________________ Bug-coreutils mailing list [email protected] http://lists.gnu.org/mailman/listinfo/bug-coreutils
