bug-gnu-utils
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: temp file creation bug in diffutils 2.7

From: Paul Eggert
Subject: Re: temp file creation bug in diffutils 2.7
Date: Wed, 27 Dec 2000 16:37:44 -0800 (PST) 
> Date: Thu, 28 Dec 2000 00:31:10 +0000 (GMT)
> Cc: address@hidden, address@hidden, address@hidden
> From: Alan Cox <address@hidden>
> 
> > -       FILE *tmp = ck_fopen (tmpname, "w+");
> > +       int fd;
> > +       FILE *tmp;
> > +
> > +#if defined O_CREAT && defined O_TRUNC && defined O_EXCL
> > +       /* Use O_EXCL to avoid race condition.  */
> > +       fd = open (tmpname, O_RDWR | O_CREAT | O_TRUNC | O_EXCL,
> > +                  S_IRUSR | S_IWUSR);
> > +#else
> > +       fd = creat (tmpname, S_IRUSR | S_IWUSR);
> > +#endif
> 
> That seems strange. On old SYS5 unix boxes you will recompile a dangerously
> insecure binary rather than refuse to build

Ancient hosts without proper O_EXCL support can be used safely if all
users trust each other.  I don't see the point of refusing to support
such environments.  The patch is safe on all modern hosts.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]