Re: LYNX-DEV Improvement on /tmp code fix?

From: Foteos Macrides
Subject: Re: LYNX-DEV Improvement on /tmp code fix?
Date: Sun, 13 Jul 1997 00:18:18 -0500 (EST)

Jonathan Sergent <address@hidden> wrote:
>[long, sorry if it's too long]
>
>I finally got around to looking at fotemods/src/LYUtils.c:tempname() 
>and it looks like there's still quite a window of opportunity for 
>people to exploit a nasty race condition (i.e. they can make the 
>symlinks after tempname() does its checks but before the file is 
>created, in another process).

        You're going off the deep end again.  Also, it might have
been a good idea to have looked at it before spending all that time
writing CERT bulletins in reference to it.

        As I've stressed in a previous message, the security newsgroup
message about this was based on simply looking at tempname() without
any knowledge or understanding of what the rest of the code does with
the names it returns.  You've just done the same thing, plus posted
patches for tempname() that might just as well be for some other
software.

        The functions which receive names from tempname() do their
own checks as appropriate, and might come back to tempname() for yet
another name.  Some pass the filename on, while others pass on a
descriptor, and they do the chmod() before closing the file, particularly
in those cases where a lag can be expected.

                                Fote

=========================================================================
 Foteos Macrides            Worcester Foundation for Biomedical Research
 address@hidden         222 Maple Avenue, Shrewsbury, MA 01545
=========================================================================
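As an added illustration of the point argued above (a name-based check before the create leaves a window, so the protection has to live in the create and in checks on the descriptor), here is a small C example. It is not code from Lynx or from either poster; the two /tmp paths it touches are constructed for the demonstration, and it assumes a glibc-style open() with O_NOFOLLOW.

```c
#define _GNU_SOURCE          /* exposes O_NOFOLLOW and symlink() on glibc */
#include <errno.h>
#include <fcntl.h>
#include <sys/stat.h>
#include <unistd.h>

/* Create the temp file with one syscall that a symlink planted after an
 * earlier name-based check cannot redirect: O_EXCL fails on any existing
 * name (a symlink included), O_NOFOLLOW refuses to follow one, and the
 * 0600 mode is applied at creation rather than by a later chmod() on the
 * name.  Returns an open descriptor, or -1 with errno set. */
int open_temp_exclusive(const char *path)
{
    int fd = open(path, O_RDWR | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
    if (fd < 0)
        return -1;
    struct stat st;              /* verify on the descriptor, not the name */
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) || st.st_uid != getuid()
        || (st.st_mode & 0077) != 0) {
        close(fd);
        errno = EPERM;
        return -1;
    }
    return fd;
}

/* Scenario: a symlink already sits at the chosen name (constructed paths).
 * Returns 1 if the open was refused with EEXIST and the link target kept
 * its zero length, i.e. nothing was written through the link. */
int demo_planted_symlink(const char *linkpath, const char *target)
{
    unlink(linkpath);
    unlink(target);
    int t = open(target, O_WRONLY | O_CREAT | O_TRUNC, 0600);
    if (t < 0 || close(t) != 0 || symlink(target, linkpath) != 0)
        return 0;
    int fd = open_temp_exclusive(linkpath);
    int refused = (fd < 0 && errno == EEXIST);
    if (fd >= 0)
        close(fd);
    struct stat st;
    int untouched = (lstat(target, &st) == 0 && st.st_size == 0);
    unlink(linkpath);
    unlink(target);
    return refused && untouched;
}
```

A name that was checked with lstat() and then opened without O_EXCL would lose this race; the exclusive open moves the decision into the kernel, where no other process can interleave.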