[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Bug#278283: insecure temporary file usage in gettextize and autopoin
From: |
Bruno Haible |
Subject: |
Re: Bug#278283: insecure temporary file usage in gettextize and autopoint (fwd) |
Date: |
Tue, 26 Oct 2004 15:40:46 +0200 |
User-agent: |
KMail/1.5 |
Upon the question:
> > Do you have a suggestion how to create temporary files in /tmp in a
> > secure way, even on platforms without 'mktemp' program?
Alexandre Duret-Lutz wrote:
> Here is what AS_TMPDIR([foo]) produces.
Aha! So you mean to say, the only way to securely create a file using usual
shell script constructs like
filename=`command to compute a temp filename`
echo "some contents" > $filename
is to make filename sit in a temporary directory under /tmp, not directly
in /tmp ?
> # Create a temporary directory, and hook for its removal unless debugging.
> $debug ||
> {
> trap 'exit_status=$?; rm -rf $tmp && exit $exit_status' 0
> trap '{ (exit 1); exit 1; }' 1 2 13 15
> }
>
> # Create a (secure) tmp directory for tmp files.
>
> : ${TMPDIR=/tmp}
>
> {
> tmp=`(umask 077 && mktemp -d -q "$TMPDIR/fooXXXXXX") 2>/dev/null` &&
> test -n "$tmp" && test -d "$tmp"
> } ||
> {
> tmp=$TMPDIR/foo$$-$RANDOM
> (umask 077 && mkdir $tmp)
> } ||
> {
> echo "$me: cannot create a temporary directory in $TMPDIR" >&2
> { (exit 1); exit 1; }
> }
Not bad, but still not perfect: mktemp is not a POSIX standardized
utility, and $RANDOM is bash specific. So what do you propose on POSIX
systems without mktemp and bash? Just fall back on the unsecure foo$$
pattern? Or ship an mktemp.c with the package, to be compiled by
'configure' very early?
It would be nice if we could write up the result of this discussion, when
finished, in the autoconf manual.
http://www.gnu.org/software/autoconf/manual/autoconf-2.57/html_chapter/autoconf_10.html
Bruno
- Bug#278283: insecure temporary file usage in gettextize and autopoint (fwd), Santiago Vila, 2004/10/25
- Re: Bug#278283: insecure temporary file usage in gettextize and autopoint (fwd), Paul Jarc, 2004/10/26
- Re: Bug#278283: insecure temporary file usage in gettextize and autopoint (fwd), Alexandre Duret-Lutz, 2004/10/26
- Re: Bug#278283: insecure temporary file usage in gettextize and autopoint (fwd), Bruno Haible, 2004/10/26
- Re: Bug#278283: insecure temporary file usage in gettextize and autopoint (fwd), Paul Eggert, 2004/10/26