pam_tmpdir, etc
Colin Watson
cjwatson at canonical.com
Fri Oct 29 06:50:39 CDT 2004
On Fri, Oct 29, 2004 at 10:15:11AM +0200, Tollef Fog Heen wrote:
> * Martin Pool
>
> | > One of the shortcomings of pam_tmpdir is that it won't have any effect on
> | > programs which don't honor TMPDIR. Yes, those programs are arguably buggy,
> | > but programs with temporary file vulnerabilities were already buggy. :-)
> |
> | Yes, that's true. It may be a smaller number of programs though, and
> | to some extent this is a numbers game.
>
> grepping for /tmp in .h and .c files is a start, of course, you have
> to go through this by hand (since a lot will fall back to using /tmp
> if getenv(«TMPDIR») doesn't return anything useful (but then, they
> should be using mkstemp or tmpfile)).
tmpfile(), of course, does not honour $TMPDIR at all ...
--
Colin Watson [cjwatson at canonical.com]
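
An added example, not part of the original message or of pam_tmpdir: since tmpfile() does not consult $TMPDIR, a program that wants its temporary files inside the per-user directory has to build the mkstemp() template from TMPDIR itself. The helper name open_private_tmp and the "example.XXXXXX" prefix are hypothetical.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L
#endif
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/stat.h>

/* Hypothetical helper: create a private temp file in $TMPDIR (the
 * per-user directory a module like pam_tmpdir exports), falling back
 * to /tmp only when TMPDIR is unset, relative, or not a directory.
 * On success returns an open fd and leaves the file's path in `path`. */
int open_private_tmp(char *path, size_t len)
{
    const char *dir = getenv("TMPDIR");
    struct stat st;

    if (dir == NULL || dir[0] != '/' ||
        stat(dir, &st) != 0 || !S_ISDIR(st.st_mode))
        dir = "/tmp";

    int n = snprintf(path, len, "%s/example.XXXXXX", dir);
    if (n < 0 || (size_t)n >= len)
        return -1;            /* template would be truncated */

    /* mkstemp() opens with O_CREAT|O_EXCL and mode 0600, so a name
     * pre-created or symlinked by another user is never reused. */
    return mkstemp(path);
}

int main(void)
{
    char path[4096];
    int fd = open_private_tmp(path, sizeof path);

    if (fd < 0) {
        perror("open_private_tmp");
        return 1;
    }
    printf("created %s\n", path);
    unlink(path);             /* like tmpfile(): the name goes, the fd stays */
    close(fd);
    return 0;
}
```

A set-uid or set-gid program should not trust TMPDIR from its caller at all; glibc's secure_getenv() returns NULL in that situation.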