Jan Minar wrote:
> On Fri, Jul 18, 2008 at 3:45 PM, Ben Schmidt
> <[EMAIL PROTECTED]> wrote:
> >
> > Jan Minář wrote:
> >> mktemp(1) creates the file securely, with 0600 permissions. That's the
> >> whole point. There is no race condition. That's the whole point.
> >
> > Presuming the directory it's in is sticky or such so other users can't
> > change it. I suppose it probably is on most systems, but I doubt it is
> > on all... :-\
>
> Interesting! I never would have thought security of code running on a
> million platforms is going to be so much pain^H^H^H^Hfun!
>
> If creating a temporary file securely is possible at all, shouldn't
> mktemp(1) do just that? And if it doesn't, is Vim source code the
> right place to fix it?
mktemp is secure on most systems. Not everywhere though. But for this
purpose it's safe enough to assume it is. If mktemp isn't secure the
solution is to upgrade the system, since many more applications will
run into this problem. Making Vim's configure safe won't help much.
> The configure can just use a fixed file name in the current directory.
>
> Anyway, I have adapted some code from src/auto/configure that will
> work on systems without mktemp(1) -- patch attached.
There probably is a small security hole in this as well. A targeted
symlink attack might work. mktemp() is suppose to use a special open()
call that avoids symlinks and creates the file in a way it can't be
interrupted. I think it's better to rely on mktemp for that reason.
It's not something you can do in a shell.
--
They now pass three KNIGHTS impaled to a tree. With their feet off the
ground, with one lance through the lot of them, they are skewered up
like a barbecue.
"Monty Python and the Holy Grail" PYTHON (MONTY) PICTURES LTD
/// Bram Moolenaar -- [EMAIL PROTECTED] -- http://www.Moolenaar.net \\\
/// sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ \\\
\\\ download, build and distribute -- http://www.A-A-P.org ///
\\\ help me help AIDS victims -- http://ICCF-Holland.org ///
--~--~---------~--~----~------------~-------~--~----~
You received this message from the "vim_dev" maillist.
For more information, visit http://www.vim.org/maillist.php
-~----------~----~----~----~------~----~------~--~---
