Kris Kennaway wrote:
> On Sat, 10 Jun 2000, Kris Kennaway wrote:
> > Given the other replies in this thread I think I'll just remove the PID
> > stuff altogether and make the temp filename only constructed from
> > alphanumeric character. The price is that there's a chance of collision
> > between two programs who mktemp() and come up with the same random
> > filename, which is a theoretical security risk (at present only something
> > with the same PID can come up with a colliding tempfile name) but the
> > probability is altogether pretty small. I'll do some calculations to
> > estimate the exact level of risk here.
> Actually, it's not of course a security risk in the new algorithm (this is
> mktemp() after all), but it's a potential failure mode which can cause
> applications to fail in ways they otherwise wouldn't (with some very low
> probability) on a normal system. But, I don't think it's a big enough
> problem to worry about (numbers still coming :-)

It's not a new situation, any application that can write to /tmp can
files that collide with other program's use of mktemp().

Jeroen C. van Gelderen          o      _     _         _
[EMAIL PROTECTED]  _o     /\_   _ \\o  (_)\__/o  (_)
                      _< \_   _>(_) (_)/<_    \_| \   _|/' \/
                     (_)>(_) (_)        (_)   (_)    (_)'  _\o_

To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message

Reply via email to