2014-12-11 18:08 GMT+01:00 Rich Felker <[email protected]>: > How is this an improvement? It increases the code size and performs > unnecessary and potentially harmful filesystem operations. And it's > just covering up the "dangerous" issue rather than fixing it -- using > mkstemp then deleting the file and reusing the name is even MORE > dangerous than using mktemp, since creating the file even momentarily > exposed its name to an attacker. Of course if the code using the > mktemp utility is written correctly, neither is dangerous anyway.
Ok, so submitting this might have been a bit rushed - in fact I thought that this is the official upstream mktemp: http://www.mktemp.org/mktemp/ and it does exactly that: # strace ./mktemp -u execve("./mktemp", ["./mktemp", "-u"], [/* 40 vars */]) = 0 ... open("/tmp/tmp.AYcTpsHVko", O_RDWR|O_CREAT|O_EXCL, 0600) = 4 close(4) = 0 unlink("/tmp/tmp.AYcTpsHVko") = 0 ... exit_group(0) = ? But there's also an mktemp implementation in coreutils which doesn't create any files. Let's drop it. Bart _______________________________________________ busybox mailing list [email protected] http://lists.busybox.net/mailman/listinfo/busybox
