[darcs-devel] security question about mkstemp

David Roundy droundy at abridgegame.org
Sat Apr 16 07:34:44 PDT 2005


This is a question for people who know better than me about security
issues.

Is it unsafe to close the file descriptor that is returned by mkstemp, and
instead just reopen the file based on the filename mkstemp returns?

If this is safe, we could eliminate the last occurrence of openFd, which is
one of the ugly ghc-specific bits of code, which also requires an ugly
workaround to deal with API changes.  There would be much rejoicing... :)

From what I've been told recently about the sticky bit and the /tmp
directory, it sounds like once you've created a file, accessing that file
is secure, even after you've closed it.  I'm a bit confused, but seem to
recall there being issues with temporary file creation... but I don't
remember them, and perhaps never fully understood them.

So I'm seeking advice, hoping we can get rid of this last openFd, and get
rid of the workaround, and be another step closer to being hugs-compatible,
and all sorts of wonderful things.
-- 
David Roundy
http://www.darcs.net
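
The close-then-reopen pattern asked about above, with a check that the reopened name still refers to the file mkstemp created. This is an added example, not part of the original message or of darcs; `create_and_close`, `reopen_checked`, `struct file_id` and the `/tmp/reopen-demo-` path are hypothetical names chosen here.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Identity of the file mkstemp created, taken while its descriptor is open. */
struct file_id { dev_t dev; ino_t ino; };

/* Create the file (mkstemp rewrites tmpl), record its identity, close it. */
int create_and_close(char *tmpl, struct file_id *id) {
    struct stat st;
    int fd = mkstemp(tmpl);
    if (fd < 0) return -1;
    if (fstat(fd, &st) != 0) { close(fd); unlink(tmpl); return -1; }
    id->dev = st.st_dev;
    id->ino = st.st_ino;
    return close(fd);
}

/* Reopen by name; return a descriptor only if the name still refers to the
 * recorded file. O_NOFOLLOW refuses a symlink at the path, and fstat on the
 * new descriptor describes what was actually opened. Inode numbers can be
 * reused after deletion, so owner and link count are checked as well. */
int reopen_checked(const char *path, const struct file_id *id) {
    struct stat st;
    int fd = open(path, O_RDWR | O_NOFOLLOW | O_CLOEXEC);
    if (fd < 0) return -1;
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) ||
        st.st_dev != id->dev || st.st_ino != id->ino ||
        st.st_uid != geteuid() || st.st_nlink != 1) {
        close(fd);
        return -1;
    }
    return fd;
}

int main(void) {
    char tmpl[] = "/tmp/reopen-demo-XXXXXX"; /* constructed sample path */
    struct file_id id;
    if (create_and_close(tmpl, &id) != 0) return 1;
    int fd = reopen_checked(tmpl, &id);
    printf("%s: %s\n", tmpl, fd >= 0 ? "same file" : "refused");
    if (fd >= 0) close(fd);
    unlink(tmpl);
    return fd >= 0 ? 0 : 1;
}
```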
