mktemp is dangerous warning
Hi, I have noticed after I upgrade to gcc 2.95.3 (from Philip Thomas's directory at ftp.suse.com) I am getting a warning like "use of mktemp is dangerous use mkstemp instead. " Now since I have a D in programming is this something I should worry about. An example is xsane-0.77 TIA -- Togan Muftuoglu
It's only dangerous if you have other users on your machine. There is a possibility of a local exploit, but nothing remote. The man page for mktemp(3) has the details BUGS Never use mktemp(). Some implementations follow BSD 4.3 and replace XXXXXX by the current process id and a single letter, so that at most 26 different names can be returned. Since on the one hand the names are easy to guess, and on the other hand there is a race between test ing whether the name exists and opening the file, every use of mktemp() is a security risk. The race is avoided by mkstemp(3). Regards Anders On Thursday 24 May 2001 20:10, Togan Muftuoglu wrote:
Hi,
I have noticed after I upgrade to gcc 2.95.3 (from Philip Thomas's directory at ftp.suse.com) I am getting a warning like "use of mktemp is dangerous use mkstemp instead. "
Now since I have a D in programming is this something I should worry about. An example is xsane-0.77
TIA
If I understand all this correctly, mktemp creates temporary files in
an "unsafe" manner. mkstemp creates temporary files in exclusive
mode. The problem is a hostile user can create a link in /tmp with
the expected name of a temporary file that points to something else.
The something else is erased by the temporary file if the user
creating the temporary file has the right permissions (links don't
have permissions). If a hostile user correctly guesses the temp file
name created by root, boom, the file's gone.
This is not a problem if you don't have hostile users, e.i., you are
the only one using your machine. It is a local exploit, the hostile
user has to be logged in to do it, or to create a script to do it for
them.
If you worry, use the source! ;) Change the calls yourself.
Jeffrey
Quoting Togan Muftuoglu
Hi,
I have noticed after I upgrade to gcc 2.95.3 (from Philip Thomas's directory at ftp.suse.com) I am getting a warning like "use of mktemp is dangerous use mkstemp instead. "
Now since I have a D in programming is this something I should worry about. An example is xsane-0.77
TIA
-- I don't do Windows and I don't come to work before nine. -- Johnny Paycheck
participants (3)
-
Anders Johansson
-
Jeffrey Taylor
-
Togan Muftuoglu