The same PID? (nameless files?)
Gary M. Samuelson
garys at bunker.UUCP
Wed Sep 11 01:06:32 AEST 1985
> Someone mentioned a security problem, using a scenario like this:
>
> cracker observes root preparing to edit /etc/passwd
> cracker creates a bunch of files in /tmp with the same name
> and so on as the editor, pids increasing from current pid to some large
> number.
> editor creates temp files & cracker has read/write access to same.
How will said cracker have read/write access to the file the editor
created? The fact that there used to be a different file of the same
name is irrelevant, isn't it?
> This is about the only situation I can see where mktemp does anything
> worthwhile that sprintf("/tmp/foo%dx%d", getpid(), i++) doesn't. Of course
> in a case like this vipw should really create a nameless file.
A nameless file? What is that? How does one create/open/unlink it?
> Peter (Made in Australia) da Silva
Gary Samuelson
ittatc!bunker!garys
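
The following C sketch is an added illustration of the two points raised in this exchange, not code from either poster. It shows what happens when a predictably named temp file already exists and is opened with and without O_EXCL, and how a "nameless" file is made by unlinking right after creation. The scratch directory `tmpdemo.d` (standing in for /tmp) and all function names are assumptions; both parties run as the same user here, so the reuse is visible in the mode bits rather than in the ownership.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <sys/stat.h>
#include <unistd.h>

#define SCRATCH "tmpdemo.d"            /* assumed scratch dir, stands in for /tmp */
static char path[64]; static struct stat st;
/* Predictable name, built the way the quoted sprintf() builds it. */
static const char *temp_name(int i) {
    snprintf(path, sizeof path, SCRATCH "/foo%dx%d", (int)getpid(), i);
    return path;
}
/* Another party creates the expected name first, with loose permissions. */
static void plant(void) {
    mkdir(SCRATCH, 0700);
    int fd = open(temp_name(0), O_WRONLY | O_CREAT, 0666);
    if (fd >= 0) close(fd);
    chmod(path, 0666);                 /* override umask for the demo */
}
/* Open without O_EXCL: the planted file is reused, the requested 0600 is ignored. */
int reuse_planted_mode(void) {
    plant();
    int fd = open(temp_name(0), O_RDWR | O_CREAT | O_TRUNC, 0600);
    if (fd < 0) return -1;
    int mode = fstat(fd, &st) == 0 ? (int)(st.st_mode & 0777) : -1;
    close(fd);
    return mode;
}
/* Same name with O_EXCL: the open fails; returns the errno it failed with. */
int exclusive_errno(void) {
    plant();
    int fd = open(temp_name(0), O_RDWR | O_CREAT | O_EXCL, 0600);
    if (fd >= 0) { close(fd); return 0; }
    return errno;
}
/* "Nameless" file: create exclusively, unlink at once, keep using the fd. */
long nameless_links(void) {
    mkdir(SCRATCH, 0700);
    int fd = open(temp_name(1), O_RDWR | O_CREAT | O_EXCL, 0600);
    if (fd < 0) return -1;
    unlink(path);                      /* no directory entry from here on */
    long n = (write(fd, "x", 1) == 1 && fstat(fd, &st) == 0) ? (long)st.st_nlink : -1;
    close(fd);
    return n;                          /* link count seen through the fd */
}
int main(void) {
    printf("mode %o, errno %d, links %ld\n", (unsigned)reuse_planted_mode(), exclusive_errno(), nameless_links());
    unlink(temp_name(0)); rmdir(SCRATCH);
}
```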