This is the mail archive of the
binutils@sources.redhat.com
mailing list for the binutils project.
Re: Security patch for binutils-2.11.92.0.10 (2nd try)...
Nick Clifton <nickc@cambridge.redhat.com> writes:
|> Hi Andreas,
|>
|> > |> Except that this does not really improve the security of the tools
|> > |> that use the make_tempname() function. The reason mkstemp() is better
|> > |> than mktemp() is that returns a file descriptor that has been opened
|> > |> with O_EXCL. By closing the descriptor, and then reopening the file
|> > |> later on, you loose the security inherent in creating the temporary
|> > |> name and opening the file at the same time.
|> >
|> > But mkstemp has already created the file (securely), thus we know that we
|> > won't be following malicious symlinks later (only the owner and the
|> > superuser can manipulate that file).
|>
|> Even for symlinks in the directory path to the file ?
Hmm, I was falsely assuming that make_tempname uses /tmp. So no, in case
the directory contains symlinks, this won't help. But making sure that
the directory is secure is easy enough if you care.
Andreas.
--
Andreas Schwab "And now for something
Andreas.Schwab@suse.de completely different."
SuSE Labs, SuSE GmbH, Schanzäckerstr. 10, D-90443 Nürnberg
Key fingerprint = 58CA 54C7 6D53 942B 1756 01D3 44D5 214B 8276 4ED5