[krbdev.mit.edu #6002] krb5_rc_io_creat should use mkstemp
Ken Raeburn via RT
rt-comment at krbdev.mit.edu
Thu Jul 17 23:24:07 EDT 2008

On Jul 17, 2008, at 23:09, Tom Yu via RT wrote:
> Ok, so this is a case where using mkstemp() is clearly less safe.
> What should we do? tmpnam() and open(O_CREAT|O_EXCL)? Some
> development environments are evolving toward warning about uses of
> mktemp(), which is similar to tmpnam(), so they may also flag uses of
> tmpnam().

Coming up with names not already taken isn't all that hard, it just
requires setting up a loop and having a reasonably large space of
names to work through. With a large enough namespace and a halfway
decent PRNG, we ought to be able to find an unused name in one or two
tries, actually: dir + "/krb5_RC" + base64(random).

Do we have this sort of thing happening elsewhere, such that a utility
function mkstemp_mode_0600 would help?

Ken
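
The loop described in this message, as an added example that is not part of the original post or of the krb5 source: random names under dir + "/krb5_RC" are tried with open(O_CREAT|O_EXCL) and mode 0600 until one is free. The function name rc_create_excl_0600, the use of /dev/urandom as the PRNG, the 12-character suffix, the 16-try limit and the filename-safe alphabet are assumptions made for the example.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <sys/stat.h>
#include <unistd.h>

/* Filename-safe alphabet: '-' and '_' replace base64's '+' and '/'. */
static const char B64[] =
    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_";

/* Fill buf with n bytes from /dev/urandom (assumed available as the PRNG). */
static int random_bytes(unsigned char *buf, size_t n)
{
    int fd = open("/dev/urandom", O_RDONLY);
    size_t got = 0;
    while (fd >= 0 && got < n) {
        ssize_t r = read(fd, buf + got, n - got);
        if (r > 0)
            got += (size_t)r;
        else if (r == 0 || errno != EINTR)
            break;
    }
    if (fd >= 0)
        close(fd);
    return (fd >= 0 && got == n) ? 0 : -1;
}

/* Hypothetical helper: create dir/krb5_RC<random> exclusively, mode 0600.
 * Returns an open fd and stores the chosen name in path, or -1 on failure. */
int rc_create_excl_0600(const char *dir, char *path, size_t pathlen)
{
    unsigned char rnd[12];
    char suffix[13];
    int attempt, i, fd;
    for (attempt = 0; attempt < 16; attempt++) {
        if (random_bytes(rnd, sizeof(rnd)) != 0)
            return -1;
        for (i = 0; i < 12; i++)        /* 6 bits of each byte -> one char */
            suffix[i] = B64[rnd[i] & 63];
        suffix[12] = '\0';
        if (snprintf(path, pathlen, "%s/krb5_RC%s", dir, suffix) >= (int)pathlen)
            return -1;                  /* path buffer too small */
        /* O_EXCL fails with EEXIST if the name exists, symlinks included. */
        fd = open(path, O_RDWR | O_CREAT | O_EXCL, 0600);
        if (fd >= 0 || errno != EEXIST)
            return fd;                  /* created, or a real error */
    }
    return -1;                          /* every candidate name was taken */
}
```

The umask can only clear bits from the requested mode, so the file is never created with permissions wider than 0600.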