Hi Francesco, On Sat, Mar 16, 2013 at 11:25:36PM +0100, Francesco Poli wrote [edited]: > On Sat, 16 Mar 2013 12:05:09 +0100 David Kalnischkies wrote: [..] > > Using a hook-defined fifoname rather than a random fifoname should be > > okay as the later isn't more secure than the former (if an attacker has > > root rights to write to it we are doomed anyway …) > > Please excuse my ignorance: isn't a pre-defined fifoname prone to a > symlink attack?
It's prone only in a publicly-writable directory, which is not the case for /var/run. > > and in fact creating > > a randomly named fifo could be hard in practice … > > Isn't there anything like mkstemp(3) for named pipes? I'm not aware of any -- but we can get away without one anyway. -- Every great idea is worthless without someone to do the work. --Neil Williams -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
