Posted to dev@apr.apache.org by Joe Orton <jo...@redhat.com> on 2004/11/17 17:22:11 UTC
Re: cvs commit: apr/file_io/netware mktemp.c
On Fri, Oct 08, 2004 at 09:52:20PM -0000, Jean-Jacques Clar wrote:
> clar 2004/10/08 14:52:20
>
> Modified: file_io/netware Tag: APR_0_9_BRANCH mktemp.c
> Log:
> removed the O_EXCL bit from the passed-in flag to allow create then open on temp file
I just noticed this: it looks like the Netware apr_file_mktemp
implementation is unsafe. Is there a reason why it doesn't use
apr_file_os_put() given the fd from mkstemp() like the Unix
implementation does? It's the classic "/tmp race" security issue:

    fd = mkstemp(template);
    ...
    close(fd);
    /* ### file named by template can be replaced here! ### */
    if ((rv = apr_file_open(fp, template, flags|APR_FILE_NOCLEANUP,

joe
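
The window marked in the snippet above, reproduced with plain POSIX calls as an added example (not code from APR or from this message). `replace_path()`, `temp_fd_is_original()` and the `/tmp/mktemp-demo-` names are made up for the illustration, and the replacement is simulated by the same process; the result shows that a reopen by name without `O_EXCL` follows whatever the name points at, while the descriptor from `mkstemp()` stays bound to the file that was created.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Constructed stand-in for the other party: renames a different file over
 * `path`, as could happen between close() and the reopen by name. */
static int replace_path(const char *path)
{
    char other[] = "/tmp/mktemp-demo-other-XXXXXX";
    int ofd = mkstemp(other);
    if (ofd < 0) return -1;
    close(ofd);
    return rename(other, path);
}

/* Returns 1 if the descriptor the caller ends up with is the file that
 * mkstemp() created, 0 if it is some other file, -1 on error.
 * reopen_by_name=1: close, then reopen by path (the pattern quoted above).
 * reopen_by_name=0: keep using the descriptor mkstemp() returned. */
int temp_fd_is_original(int reopen_by_name, int simulate_replace)
{
    char tmpl[] = "/tmp/mktemp-demo-XXXXXX";
    struct stat created, final;
    int result = -1, fd = mkstemp(tmpl);      /* created with O_EXCL, 0600 */

    if (fd < 0) return -1;
    if (fstat(fd, &created) != 0) goto done;
    if (reopen_by_name) { close(fd); fd = -1; }
    if (simulate_replace && replace_path(tmpl) != 0) goto done;
    if (reopen_by_name && (fd = open(tmpl, O_RDWR)) < 0) goto done; /* no O_EXCL */
    if (fstat(fd, &final) == 0)               /* same device and inode? */
        result = created.st_dev == final.st_dev && created.st_ino == final.st_ino;
done:
    if (fd >= 0) close(fd);
    unlink(tmpl);
    return result;
}

int main(void)
{
    printf("reopen by name, replaced:  %d\n", temp_fd_is_original(1, 1));
    printf("keep descriptor, replaced: %d\n", temp_fd_is_original(0, 1));
    return 0;
}
```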