[13679] in bugtraq
Re: Tempfile vulnerabilities
daemon@ATHENA.MIT.EDU (Neil Blakey-Milner)
Wed Feb 2 18:01:17 2000
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Message-Id: <20000202125014.A42626@mithrandr.moria.org>
Date: Wed, 2 Feb 2000 12:50:14 +0200
Reply-To: Neil Blakey-Milner <nbm@MITHRANDR.MORIA.ORG>
From: Neil Blakey-Milner <nbm@MITHRANDR.MORIA.ORG>
X-To: Grant Taylor <gtaylor+bugtraq_hcdbb013100@PICANTE.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <200002010455.XAA20677@pace.picante.com>
On Mon 2000-01-31 (23:55), Grant Taylor wrote:
>
> sub get_tmpfile {
> my $file;
> do {
> open RAN, "/dev/random" || die;
> read(RAN,$foo,16);
> close RAN;
> $file = '/tmp/autobuse' . unpack('H16',$foo);
> } while (-e $file || -l $file);
>
> return $file;
> }
>
> This method is Linux-specific, but that's all I need. The fixed
> autobuse is available at http://www.picante.com/~gtaylor/autobuse/
>
> Note that Autobuse has, as far as I know, zero users (including me).
> If I am wrong about this, please let me know!
I was about to suggest using mkstemp() from File::MkTemp, available
on CPAN, until I noticed that this mkstemp doesn't seem to use
O_CREAT and O_EXCL from Fcntl nor does it chmod 600 or similar.
It uses:
$template = mktemp(@_);
$openup = File::Spec->catfile($_[1], $template);
$fh = new FileHandle ">$openup"; #and say ahhh.
croak("Could not open file: $openup")
unless(defined $fh);
return($fh);
Which seems to be just as bad as using mktemp, and then opening a
file, with the usual race conditions. Considering the general
feeling about the "mkstemp" concept, this implementation isn't
quite there.
Neil
--
Neil Blakey-Milner
nbm@rucus.ru.ac.za
