[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Potential security bug in fopen()
From: |
Wolfram Gloger |
Subject: |
Re: Potential security bug in fopen() |
Date: |
Thu, 8 Feb 2001 10:31:54 +0100 ("MET) |
Hello,
> Here is the basic code that was being used:
I created this test:
#include <stdio.h>
#include <unistd.h>
#include <fcntl.h>
int main()
{
FILE *fp;
int fd;
fd = open("/tmp/filename", O_CREAT | O_TRUNC | O_EXCL, 0600);
close(fd);
fp = fopen("/tmp/filename", "w");
fclose(fp);
return 0;
}
> The bug report we got indicated that an strace of the code showed:
>
> open
> close
> unlink
> open
I tried this on an i586 glibc-2.1.3 system and got definitely _no_
unlink.
Regards,
Wolfram.