bug-bash
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: avoid mktemp/mkstemp internally


From: Chet Ramey
Subject: Re: avoid mktemp/mkstemp internally
Date: Thu, 19 May 2016 14:37:39 -0400
User-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:45.0) Gecko/20100101 Thunderbird/45.1.0

On 5/16/16 10:36 AM, Mike Frysinger wrote:

>> Because many traditional implementations of mktemp/mkstemp suck.
> 
> and many modern implementations work perfectly fine.  why is the default
> to penalize good/fixed versions ?  how about we flip this in config-top.h
> like the attached patch ?

Yes, we'll try that with correct names.  See what happens.

>>> the bash versions seem like it's pretty trivial to collide: it mixes
>>> current seconds count, current pid number, and a counter. 
>>
>> Not quite; the calls in bash mix in the return value from the system's
>> random().  Now, if that sucks too, you're going to lose.
> 
> except bash isn't calling srand anywhere that i can see, so you're
> iterating over the same values every time.  

Good catch, except you mean srandom().  I'll add in a call to that for the
fallback code.

-- 
``The lyf so short, the craft so long to lerne.'' - Chaucer
                 ``Ars longa, vita brevis'' - Hippocrates
Chet Ramey, ITS, CWRU    address@hidden    http://cnswww.cns.cwru.edu/~chet/

Attachment: signature.asc
Description: OpenPGP digital signature


reply via email to

[Prev in Thread] Current Thread [Next in Thread]