Re: Feature request: mktemp fifo

[Eric Blake]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

According to Stefan Behte on 5/18/2009 4:38 AM:
> Hi,
> 
> the url http://www.gnu.org/software/coreutils/ says that this is the 
> appropriate address for feature requests, so I hereby request secure fifo 
> creation in mktemp, as I've stumbled upon a bug in a software that uses 
> /tmp/fifo.$$
> I think it would be a very useful feature against symlink attacks on fifos.

Would it be sufficient to rewrite your script to create a secure directory
(mktemp -d), then create the fifo within that directory?  In which case,
you can have a secure fifo without any changes to coreutils?

> The information transmitted in this electronic mail message may contain 
> confidential

[As a note of netiquette, it is frowned upon to send emails with these
disclaimers which are unenforceable on public mailing lists.  Some people
refuse to reply on principle, so you are artificially limiting your
audience.  You may want to consider using a different email account to
avoid using your employer's disclaimer.]

- --
Don't work too hard, make some time for fun as well!

Eric Blake             address@hidden
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (Cygwin)
Comment: Public key at home.comcast.net/~ericblake/eblake.gpg
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkoRTkcACgkQ84KuGfSFAYCOwgCfaP+wNWCQTuoc2JgMlu7uJtaf
rpoAn3pnNBh/KuZoS+sOd+Iw0J/1OcDB
=lK9e
-----END PGP SIGNATURE-----