You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@apr.apache.org by Chuck Murcko <ch...@topsail.org> on 2002/06/02 12:24:50 UTC
a security nit
Is this warning:
htpasswd.o: In function `main':
/x1/home/chuck/httpd-2.0-nightly/support/htpasswd.c(.text+0xa84):
warning: tmpnam() possibly used unsafely; consider using mkstemp()
1) the sort of thing to involve apr in, or
2) should I just open()/close() the file before it really gets fopen()ed
thus:
if((tmp_fd = open(tmp_name, O_RDWR|O_CREAT|O_EXCL, 0600)) < 0)
{
fprintf(stderr, "tmpfile create failure!\n");
exit(-1);
}
close(tmp_fd);
which still leaves a narrow timing window of attack but is easily
portable AFAICS.
3) or just rewrite the thing using open()?
It doesn't seem that big a deal to us so I'd opt for 2) which is at
least a bit tighter.
Thanks,
Chuck
Re: a security nit
Posted by "William A. Rowe, Jr." <wr...@rowe-clan.net>.
At 05:24 AM 6/2/2002, Chuck Murcko wrote:
>Is this warning:
>
>htpasswd.o: In function `main':
>/x1/home/chuck/httpd-2.0-nightly/support/htpasswd.c(.text+0xa84): warning:
>tmpnam() possibly used unsafely; consider using mkstemp()
>
>1) the sort of thing to involve apr in, or
Yes... it has to be portable [although not equally effective on all platforms,
that will depend on the API.]
>It doesn't seem that big a deal to us so I'd opt for 2) which is at least
>a bit tighter.
It is... that's why it's been left with the warning rather than easily
closing the
warning with option 2 as you suggested. As long as the warning remains,
it's a kick in the pants to push us to do it the right way.
Bill