[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

AW: Feature request: mktemp fifo

From: Stefan Behte
Subject: AW: Feature request: mktemp fifo
Date: Mon, 18 May 2009 14:15:22 +0200


and thanks for he fast reply. Surely it's possible that way, but that's two 
commands instead of just one. ;) .Well, that's just an excuse, of course it's 
ok that way - it just didn't come to my mind at that moment. :/

Best regards,

Stefan Behte

Babiel GmbH
Moskauer Str. 27
D-40227 Düsseldorf

Tel:    0211-179349 0
Fax:    0211-179349 29
E-Mail: address@hidden
Internet: http://www.babiel.com

Geschäftsführer: Georg Babiel, Dr. Rainer Babiel, Harald Babiel
Amtsgericht Düsseldorf HRB 38633

~~~~~~~~~~~~~~ DISCLAIMER ~~~~~~~~~~~~~~~

The information transmitted in this electronic mail message may contain 
confidential and or privileged materials. Any review, retransmission, 
dissemination or other use of or taking of any action in reliance upon, this 
information by persons or entities other than the intended recipient is 
prohibited. If you receive such e-mails in error, please contact the sender and 
delete the material from any computer.

-----Ursprüngliche Nachricht-----
Von: Eric Blake [mailto:address@hidden 
Gesendet: Montag, 18. Mai 2009 14:02
An: Stefan Behte
Cc: address@hidden
Betreff: Re: Feature request: mktemp fifo

Hash: SHA1

According to Stefan Behte on 5/18/2009 4:38 AM:
> Hi,
> the url http://www.gnu.org/software/coreutils/ says that this is the 
> appropriate address for feature requests, so I hereby request secure fifo 
> creation in mktemp, as I've stumbled upon a bug in a software that uses 
> /tmp/fifo.$$
> I think it would be a very useful feature against symlink attacks on fifos.

Would it be sufficient to rewrite your script to create a secure directory
(mktemp -d), then create the fifo within that directory?  In which case,
you can have a secure fifo without any changes to coreutils?

> The information transmitted in this electronic mail message may contain 
> confidential

[As a note of netiquette, it is frowned upon to send emails with these
disclaimers which are unenforceable on public mailing lists.  Some people
refuse to reply on principle, so you are artificially limiting your
audience.  You may want to consider using a different email account to
avoid using your employer's disclaimer.]

- --
Don't work too hard, make some time for fun as well!

Eric Blake             address@hidden
Version: GnuPG v1.4.9 (Cygwin)
Comment: Public key at home.comcast.net/~ericblake/eblake.gpg
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org


reply via email to

[Prev in Thread] Current Thread [Next in Thread]