From owner-FreeBSD-tech-jp@jp.freebsd.org  Mon Aug 16 22:52:40 1999
Received: (from daemon@localhost)
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) id WAA16388;
	Mon, 16 Aug 1999 22:52:40 +0900 (JST)
	(envelope-from owner-FreeBSD-tech-jp@jp.FreeBSD.org)
Received: from mail.kt.rim.or.jp (root@mail.kt.rim.or.jp [202.247.130.53])
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) with ESMTP id WAA16383
	for <freebsd-tech-jp@jp.freebsd.org>; Mon, 16 Aug 1999 22:52:39 +0900 (JST)
	(envelope-from kuriyama@sky.rim.or.jp)
Received: from rhea.sky.rim.or.jp (ppp511.kt.rim.or.jp [202.247.140.161])
	by mail.kt.rim.or.jp (8.8.8/3.6W-RIMNET-98-06-09) with ESMTP id WAA14412
	for <freebsd-tech-jp@jp.freebsd.org>; Mon, 16 Aug 1999 22:52:36 +0900 (JST)
Received: from localhost (localhost [127.0.0.1])
	by rhea.sky.rim.or.jp (8.9.3/3.7W/rhea-1.1) with ESMTP id WAA42971
	for <freebsd-tech-jp@jp.freebsd.org>; Mon, 16 Aug 1999 22:52:35 +0900 (JST)
To: Tech List <freebsd-tech-jp@jp.freebsd.org>
X-Mailer: Mew version 1.94b42 on XEmacs 20.4 (Emerald)
Mime-Version: 1.0
Content-Type: Text/Plain; charset=iso-2022-jp
Content-Transfer-Encoding: 7bit
Message-Id: <19990816225234D.kuriyama@sky.rim.or.jp>
Date: Mon, 16 Aug 1999 22:52:34 +0900
From: Jun Kuriyama <kuriyama@sky.rim.or.jp>
X-Dispatcher: imput version 990623(IM117)
Lines: 22
Reply-To: FreeBSD-tech-jp@jp.freebsd.org
Precedence: list
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+990727
X-Sequence: FreeBSD-tech-jp 2439
Subject: [FreeBSD-tech-jp 2439] mkstemp()
Errors-To: owner-FreeBSD-tech-jp@jp.freebsd.org
Sender: owner-FreeBSD-tech-jp@jp.freebsd.org
X-Originator: kuriyama@sky.rim.or.jp


$B!!1Q8lHG$N(B http://www.freebsd.org/security/ $B$K0J2<$N$h$&$JJ8>O$,$"$k$N$G(B
$B$9$,!":G=i$NJ8$N0UL#$,$h$/$o$+$j$^$;$s!#(B
$B!!Fs%+=j$"$k(B mkstemp() $B$N$I$C$A$,$,0c$&$s$@$m$&$1$I!D!D!#$I$J$?$+$3$NJ8(B
$B>O$N0UL#$9$k$H$3$m$o$+$j$^$9$G$7$g$&$+!)(B


<LI>Make sure to use mkstemp() instead of mktemp(), tempnam(), mkstemp() and
etc.  Also make sure to look for races in /tmp in general, being aware that
there are very few things which can be atomic in /tmp:
	<UL>
	<LI>Creating a directory.  This will either succeed or fail.</LI>
	<LI>Opening a file O_CREAT | O_EXECL</LI>
	</UL>
If you use mkstemp - above cases will be properly handled for you.  Hence
all temp files should use mkstemp() to guarantee there is not race
condition and that the permissions are correct.
<P></P></LI>


$B$/$j$d$^(B // kuriyama@sky.rim.or.jp
        // kuriyama@FreeBSD.ORG
