I am fully aware of the security issues having already written several helper tools. Stating that a temp text file written to /tmp is a security hole is really stretching it a bit.
NSTemporaryDirectory can't be used because there is no way to specify that path in Packagemaker. I did indeed end up installing a file into tmp and then having my plugin move it. Sent from my iPod On May 4, 2009, at 2:05 PM, Kyle Sluder <[email protected]> wrote: On Sat, May 2, 2009 at 5:07 PM, Fritz Anderson <[email protected]> wrote: For most purposes, it's enough for the plugin to write what it has learned into /tmp, for one of the scripts to act on. Do not use /tmp. Use NSTemporaryDirectory, which on Leopard is a user-specific directory. Using /tmp opens up a class of security vulnerabilities that might allow code execution in another user's context. Also, be very careful if you're trying to use temporary files to pass data from a non-privileged to a privileged process. You might introduce a race condition under which a malicious application could escalate its privileges by overwriting the contents of the temporary file between the non-privileged write and the privileged read. --Kyle Sluder _______________________________________________ Cocoa-dev mailing list ([email protected]) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to [email protected]
