Pardon me if this is already known -- Theo, at least, had never heard of a Unix doing this. mkstemp() under Linux claims to conform to BSD4.3, but BSDs (FreeBSD and OpenBSD, at least) seem to have a slightly different behavior. Under Linux, new files are created with mode 0666, while under BSDs new files are created with mode 0600. A user need only set his umask to 0 and he will be able to write to temp files created with mkstemp() by suid root programs, unless the suid root programs set their own umask. This is probably not a major problem for any apps, but it's something everyone should note when porting security-sensitive apps to Linux from BSDs (and possibly other platforms). A quick check shows that mkstemp() is implemented in glibc2.0.7-pre1 using 0666 as well, but that was just from a prefunctory glance at the code -- something may be going on that I didn't notice. Greg Alexander - also <gralexanat_private> - http://sietch.home.ml.org/ ---- Any sufficiently advanced bug is indistinguishable from a feature. -- Rich Kulawiec
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:44:39 PDT