[gopher] Re: Security problems in gopherd (Was Security alert)
One option would be to create a directory in /tmp, mode 0700, and put
all files in it. This would allow the more-portable tempnam() to
continue to be used. In the course of auditing sprintf()s, I did come
across one or two open() calls for /tmp files and added O_EXCL to the
list as a temporary measure...
-- John
David Allen <s2mdalle@xxxxxxxxxxxxx> writes:
> John and others -
>
> There is also still the remaining issue of several uses of the
> tempnam() call in gopherd.c. I've been aware of them and meaning to
> fix them for a while, but they seem to store the name of the temp file
> in a global called ASKfile. When I was looking at it, I wasn't able
> to determine at the time what other dire consequences I'd cause if I
> changed to a different call where the tempfilename wasn't stored in
> ASKfile, so I haven't changed it yet.
>
> It seems though that in some places particularly for ASK data, that
> the daemon stores the response in a temporary file and then lets other
> areas of the code reopen and read that. (Hence the need for the temp
> filename I think) mkstemp looks like a possible replacement since
> there's a way to get the temp filename out of it.
>
> --
> David Allen
> http://opop.nols.com/
> ----------------------------------------
> DISCLAIMER: Regardless of what you read below, I agree with you.
>
>
>
--
John Goerzen <jgoerzen@xxxxxxxxxxxx> www.complete.org
Sr. Software Developer, Progeny Linux Systems, Inc. www.progenylinux.com
#include <std_disclaimer.h> <jgoerzen@xxxxxxxxxxxxxxxx>
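The approach discussed in this thread, as an added example that is not part of the original messages or of gopherd's code: a private mode-0700 directory under /tmp, a file created inside it with O_EXCL, and the path kept so other code can reopen it by name. It assumes POSIX mkdtemp() for creating the directory (a substitution; the thread mentions tempnam() and mkstemp()), and the function names and the `/tmp/askdemo.XXXXXX` template are hypothetical.

```c
#define _XOPEN_SOURCE 700   /* exposes mkdtemp() and lstat() */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* tmpl must end in "XXXXXX"; mkdtemp() creates the directory with mode 0700. */
int make_private_dir(char *tmpl)
{
    struct stat st;
    if (mkdtemp(tmpl) == NULL) return -1;
    /* Check the result: a real directory, owned by us, no group/other bits. */
    if (lstat(tmpl, &st) != 0 || !S_ISDIR(st.st_mode) ||
        st.st_uid != geteuid() || (st.st_mode & 077) != 0) return -1;
    return 0;
}

/* Create a new file in dir; the full path is left in out for later reopening. */
int create_in_dir(const char *dir, const char *name, char *out, size_t len)
{
    int n = snprintf(out, len, "%s/%s", dir, name);
    if (n < 0 || (size_t)n >= len) { errno = ENAMETOOLONG; return -1; }
    return open(out, O_WRONLY | O_CREAT | O_EXCL, 0600); /* fails if it exists */
}

/* Store a response, reopen it by the saved name, clean up. Returns 0 on success. */
int roundtrip(void)
{
    char dir[] = "/tmp/askdemo.XXXXXX", path[256] = "", buf[8] = {0};
    int ok = -1, fd, again, rd;
    if (make_private_dir(dir) != 0) return -1;
    fd = create_in_dir(dir, "response", path, sizeof path);
    if (fd >= 0) {
        ssize_t w = write(fd, "answer", 6);   /* constructed sample data */
        close(fd);
        again = create_in_dir(dir, "response", path, sizeof path); /* refused */
        rd = open(path, O_RDONLY);            /* reopen by the stored name */
        if (w == 6 && again == -1 && rd >= 0 && read(rd, buf, 6) == 6 &&
            strcmp(buf, "answer") == 0) ok = 0;
        if (again >= 0) close(again);
        if (rd >= 0) close(rd);
    }
    unlink(path); rmdir(dir);
    return ok;
}
```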