[darcs-users] darcs patch: Create temporary files in temporary dire... (and 1 more)
Kari Hoijarvi
hoijarvi at me.wustl.edu
Fri May 9 14:07:14 UTC 2008
David Roundy wrote:
> The problem with this change is that we use the current directory for
> security reasons, since it's very hard to safely use the /tmp directory
> when communicating with external programs. e.g. every time we run darcs
> push, darcs creates the patch bundle in a temporary file before applying
> it. If we create this file in /tmp, then a malicious user might be able to
> cleverly create a substitute ...
This is a know security issue, which has been addressed at least since
Windows 2000. Temporary files need to be private.
That's why the c:\temp is obsolete. By default Windows XP sets:
TEMP=C:\Documents and Settings\hoijarvi\Local Settings\Temp
I'm the owner of this directory, so you need to log on as me or
administrators rights to access it.
If the user sets TEMP=C:\Temp, it's already a security hole, not your
problem.
So darcs definitely should follow TEMP by default.
Allowing to override this with DARCS_TMPDIR is fine but I see it as an
unnecessary feature.
Kari
More information about the darcs-users
mailing list