This is the mail archive of the
binutils@sources.redhat.com
mailing list for the binutils project.
Re: Security patch for binutils-2.11.92.0.10 (2nd try)...
Nick Clifton <nickc@cambridge.redhat.com> writes:
|> Hi Steven,
|>
|> > This is my second attempt at a small security patch to replace
|> > all 'mktemp' calls (2 of them) with calls to 'mkstemp'. My
|> > first patch was wrong because I neglected to close the open
|> > file descriptor that gets returned by 'mkstemp'. This is now
|> > fixed and should function properly. Thanks.
|>
|> Except that this does not really improve the security of the tools
|> that use the make_tempname() function. The reason mkstemp() is better
|> than mktemp() is that returns a file descriptor that has been opened
|> with O_EXCL. By closing the descriptor, and then reopening the file
|> later on, you loose the security inherent in creating the temporary
|> name and opening the file at the same time.
But mkstemp has already created the file (securely), thus we know that we
won't be following malicious symlinks later (only the owner and the
superuser can manipulate that file).
Andreas.
--
Andreas Schwab "And now for something
Andreas.Schwab@suse.de completely different."
SuSE Labs, SuSE GmbH, Schanzäckerstr. 10, D-90443 Nürnberg
Key fingerprint = 58CA 54C7 6D53 942B 1756 01D3 44D5 214B 8276 4ED5