On Thu, Jan 13, 2000 at 01:03:25AM +0100, Krzysztof Halasa wrote:
> "Sean Hunter" <sean@uncarved.co.uk> writes:
>
> > You run your program, but I have created a simlink in /tmp with the
> > same name (because the name is guessable).
>
> It is independent of PIDs being guessable or not. With really random
> PIDs you can still create link(s) in /tmp and after some number of tries
> you can win the race (especially when you can execute the suid program
> in question yourself).
I don't do this, I know its crap. If you put my quote in context it
was to explain to somone else why a /tmp race is called a race
> 32 bits would be some help here, but that doesn't fixes the problem,
> only makes you wait longer.
I agree.
Sean
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Sat Jan 15 2000 - 21:00:22 EST