On Sun, Jul 20, 2008 at 3:01 PM, Bram Moolenaar <[EMAIL PROTECTED]> wrote:
>
> Jan Minar wrote:
>> Anyway, I have adapted some code from src/auto/configure that will
>> work on systems without mktemp(1) -- patch attached.
>
> There probably is a small security hole in this as well. A targeted
> symlink attack might work. mktemp() is supposed to use a special open()

All the files are being created in the current directory... I can't
see how? It's just that on systems without mktemp(1), the configure
wouldn't break (well it will, with a very low probability).
Of interest to this discussion may be that the piece of code uses a
Here Document, which is, at least on some systems, implemented by...
securely creating a file in the temporary directory. Attached is a
strace(1) of how bash(1) does it. The interesting bits:
32329 open("/tmp/sh-thd-1216551240", O_WRONLY|O_CREAT|O_EXCL|O_TRUNC, 0600) = 3
32329 open("/tmp/sh-thd-1216551240", O_RDONLY) = 4
32329 unlink("/tmp/sh-thd-1216551240") = 0
Have a nice Sunday!
Jan Minar
here-document.strace
Description: Binary data
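
The three calls in the strace excerpt above (exclusive create with mode 0600, read-only reopen, unlink), written out as an added C example; it is not part of the original message and is not bash's own code. The `/tmp/heredoc-demo-*` names and the function names are constructed for the illustration.

```c
#include <errno.h>
#include <fcntl.h>
#include <string.h>
#include <unistd.h>

/* Constructed demo names (assumptions, not taken from the thread). */
#define DEMO_FILE   "/tmp/heredoc-demo-file"
#define DEMO_LINK   "/tmp/heredoc-demo-link"
#define DEMO_TARGET "/tmp/heredoc-demo-target"

/* Steps from the strace: exclusive create with mode 0600, reopen read-only,
 * unlink. Returns a read fd on an already-unlinked file, or -1 on failure. */
int heredoc_fd(const char *path, const char *body)
{
    int wfd = open(path, O_WRONLY | O_CREAT | O_EXCL | O_TRUNC, 0600);
    if (wfd < 0)
        return -1;  /* EEXIST when anything, even a dangling symlink, is there */
    size_t len = strlen(body);
    int rfd = (write(wfd, body, len) == (ssize_t)len) ? open(path, O_RDONLY) : -1;
    close(wfd);
    unlink(path);   /* the name goes away; rfd keeps the data readable */
    return rfd;
}

/* Returns 1 if the body reads back through the fd and the name is gone. */
int demo_roundtrip(void)
{
    char got[32] = {0};
    unlink(DEMO_FILE);
    int fd = heredoc_fd(DEMO_FILE, "hello\n");
    if (fd < 0)
        return 0;
    ssize_t n = read(fd, got, sizeof got - 1);
    close(fd);
    return n == 6 && strcmp(got, "hello\n") == 0 && access(DEMO_FILE, F_OK) != 0;
}

/* Returns 1 if a pre-existing symlink makes the create fail with EEXIST
 * and the file the symlink points at is never created. */
int demo_symlink_refused(void)
{
    unlink(DEMO_LINK); unlink(DEMO_TARGET);
    if (symlink(DEMO_TARGET, DEMO_LINK) != 0)
        return 0;
    int fd = heredoc_fd(DEMO_LINK, "data");
    int refused = (fd < 0 && errno == EEXIST && access(DEMO_TARGET, F_OK) != 0);
    if (fd >= 0) close(fd);
    unlink(DEMO_LINK);
    return refused;
}
```

With `O_CREAT|O_EXCL` the kernel does not follow a symlink in the final path component, which is why the second check fails closed with `EEXIST` instead of writing through the link.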
