[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [bug-enscript] enscript and temp file location
|
From: |
Tapani Tarvainen |
|
Subject: |
Re: [bug-enscript] enscript and temp file location |
|
Date: |
Sat, 26 Apr 2008 05:50:39 +0300 |
|
User-agent: |
Mutt/1.5.15+20070412 (2007-04-11) |
On Fri, Apr 25, 2008 at 05:36:17PM -0400, Shawn McMahon (address@hidden) wrote:
> Why wouldn't we just use the simpler example:
>
> char *filename;
> int fd;
>
> do {
> filename = tempnam (NULL, "foo");
> fd = open (filename, O_CREAT | O_EXCL | O_TRUNC | O_RDWR, 0600);
> free (filename);
> } while (fd == -1);
>
> I would think (naively, perhaps?) that would be plenty secure for
> what we're doing here, and would honor TMPDIR.
Perhaps secure enough for what you are doing, but not for everybody.
Enscript is being used also inside print spoolers in multiuser
machines in places where users cannot be trusted.
I'm afraid it wouldn't take long for an enterprising student would
take advantage of that race condition to hack print quotas,
for example.
Doing it securely doesn't really cost anything extra here.
--
Tapani Tarvainen