Re: [PATCH] unifdef: set a secure umask before calling mkstemp()
From: Jesper Juhl
Date: Sun Aug 19 2012 - 17:43:42 EST
On Sat, 18 Aug 2012, Tony Finch wrote:
> Jesper Juhl <jj@xxxxxxxxxxxxx> wrote:
>
> > In newer glibc's (versions > 2.06) reasonably secure permissions of
> > 0600 are used when creating a temporary file with mkstemp(). But for
> > older glibc's (versions <= 2.06) 0666 is used which is not secure.
>
> Thanks for your suggestion! I'm afraid I prefer not to make the change.
>
> Unifdef is only using mkstemp as a convenient way to open a file with a
> non-clashing name. It isn't trying to be secure, so it's OK just to rely
> on the user's umask. And I find it hard to care about a bug that was fixed
> 15 years ago.
>
> I'm also trying to reduce the unixisms in the program for portability
> reasons and this is the most awkward part :-/
>
Fair enough. :-)
Just ignore the patch.
Have a nice day.
--
Jesper Juhl <jj@xxxxxxxxxxxxx> http://www.chaosbits.net/
Don't top-post http://www.catb.org/jargon/html/T/top-post.html
Plain text mails only, please.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/