[11538] in bugtraq
Re: Insecure use of file in /tmp by trn
daemon@ATHENA.MIT.EDU (Ben Pfaff)
Sat Aug 28 02:52:14 1999
Message-Id: <87zozhnm0n.fsf@pfaffben.user.msu.edu>
Date: Tue, 24 Aug 1999 13:09:28 -0400
Reply-To: pfaffben@msu.edu
From: Ben Pfaff <pfaffben@MSU.EDU>
X-To: Rogier Wolff <R.E.Wolff@BITWIZARD.NL>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: Rogier Wolff's message of "Mon, 23 Aug 1999 08:49:24 +0200"
Rogier Wolff <R.E.Wolff@BITWIZARD.NL> writes:

> Creating a tempfile from a C program is possible since we have a
> mkstemp call. It is sufficiently tricky that I wouldn't dare
> replicate the functionality myself. Creating a private directory in
> /tmp and putting the tempfiles in there might be the only solution for
> shell scripts.

Debian uses a program called `mktemp' to create temporary files in
shell scripts. Other distributions might well adopt this or a similar
solution. An excerpt from its manpage is enclosed below.

SYNOPSIS
mktemp [-q] [-u] template

DESCRIPTION
The mktemp utility takes the given file name template and overwrites a
portion of it to create a file name. This file name is unique and
suitable for use by the application. The template is any file name with six
`Xs' appended to it, for example /tmp/temp.XXXXXX. The `Xs' are replaced
with the current process number and/or a unique letter combination.
Roughly 26 ** 6 combinations are tried.

If mktemp can successfully generate a unique file name, the file is
created with mode 0600 (unless the -u flag is given) and the filename is
printed to standard output.

Debian packages using mktemp in maintainer scripts must depend on
debianutils >= 1.7.

EXAMPLES
The following sh(1) fragment illustrates a simple use of mktemp where the
script should quit if it cannot get a safe temporary file.

p=`basename "$0"`
TMPFILE=`mktemp "/tmp/$p.XXXXXX"` || exit 1
echo "program output" >> "$TMPFILE"
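
The two approaches discussed in this message (a private directory under /tmp, and mktemp), sketched as an added example that is not part of the original post or of the mktemp manpage. The function names, the fixed file name `data` and the retry limit of 10 are assumptions made for illustration.

```shell
#!/bin/sh
# Added example; function names and the retry limit are illustrative choices.

# Private-directory approach: mkdir(2) is atomic and fails with EEXIST if the
# name is already taken, including by a symlink someone planted in advance,
# so it never follows a link. umask 077 makes the directory mode 0700.
make_private_dir() {
    _base=${1:-/tmp} _prog=${2:-script} _i=0
    while [ "$_i" -lt 10 ]; do
        _dir="$_base/$_prog.$$.$_i"
        if (umask 077 && mkdir "$_dir") 2>/dev/null; then
            printf '%s\n' "$_dir"
            return 0
        fi
        _i=$((_i + 1))
    done
    return 1    # every candidate name was taken: give up, do not reuse one
}

# mktemp approach, as in the manpage excerpt: mktemp creates the file itself
# (mode 0600), so the script never picks a name and opens it in a second step.
make_tmpfile() {
    mktemp "${1:-/tmp}/${2:-script}.XXXXXX"
}

# Use mktemp when installed; otherwise create a file inside a private
# directory, where a fixed name is safe because only the owner can write there.
safe_tmpfile() {
    if command -v mktemp >/dev/null 2>&1; then
        make_tmpfile "$@"
    else
        _d=$(make_private_dir "$@") || return 1
        (umask 077 && : > "$_d/data") && printf '%s\n' "$_d/data"
    fi
}
```

A caller would pair either function with `trap 'rm -rf "$dir"' EXIT` (or the file equivalent) so the temporary path is removed when the script ends.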