Rogier Wolff wrote:
> Martin Schulze wrote:
> > This was not intentional by the author, he tried to use tempfile(1) to
> > create the temporary filename. However, due to a thinko, the name was
> > hardcoded into the script.
> [...]
> > +#NNTPactive=\`tempfile -p active\` #"/tmp/active.\$\$"
>
> So now you're using tempfile? This usually yields an easily

No, but now we're using tempfile in a proper way. In the original
source code it was used like:

    NNTPactive=`tempfile -p active`

that led to this code in /usr/bin/newsgroups

    active=/tmp/activea98b82

This was hardcoded and predictable, thus very bad.

Now the program /usr/bin/newsgroups contains this line:

    active=`tempfile -p active`

which will use /tmp/active9292s for the first call and
/tmp/active9x92y for the second call. tempfile will also check if
the file exists and use a different name otherwise, and will create
the file so it can be used by scripts later on.

This ought to be safe.

> predictable filename, for which the same exploits hold. Just keep an
> eye out for the last PID issued, and OK, this time you might need to
> flip a link (provided that tempfile indeed refuses to return a file
> that is currently symlinked.)

It does refuse. However there is a small chance that it only does
this in Debian, but I don't hope so.

Regards,

    Joey

-- 
A mathematician is a machine for converting coffee into theorems.
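
The difference the message above describes, between backticks expanded while the script is generated and backticks that survive into the installed script, as an added example that is not part of the original thread or of the package under discussion. It assumes mktemp(1) as a stand-in for tempfile(1); the function names gen_script, runs_differ and demo are hypothetical.

```shell
#!/bin/sh
# Added illustration, not code from the inews package. mktemp(1) stands in
# for tempfile(1); gen_script, runs_differ and demo are hypothetical names.

# gen_script MODE OUT: write a script to OUT the way a build step would.
#   buildtime: backticks expand while generating, freezing one name (the bug)
#   runtime:   backticks are escaped and reach the script intact (the fix)
gen_script() {
    mode=$1
    out=$2
    if [ "$mode" = buildtime ]; then
        cat > "$out" <<EOF
active=`mktemp /tmp/active.XXXXXX`
echo "\$active"
EOF
    else
        cat > "$out" <<EOF
active=\`mktemp /tmp/active.XXXXXX\`
echo "\$active"
EOF
    fi
}

# runs_differ SCRIPT: succeed if two runs of SCRIPT report different names.
runs_differ() {
    first=$(sh "$1") && second=$(sh "$1") || return 2
    rm -f "$first" "$second"
    [ "$first" != "$second" ]
}

# demo: generate both variants and report which one reuses its name.
demo() {
    dir=$(mktemp -d) || return 1
    for mode in buildtime runtime; do
        gen_script "$mode" "$dir/$mode.sh"
        grep '^active=' "$dir/$mode.sh"
        if runs_differ "$dir/$mode.sh"; then
            echo "$mode: fresh name on every run"
        else
            echo "$mode: same name on every run (predictable)"
        fi
    done
    rm -rf "$dir"
}

demo
```
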
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:58:01 PDT