Re: os.tmpname security risk?

lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

Subject: Re: os.tmpname security risk?
From: Steve Litt <slitt@...>
Date: Wed, 13 Jul 2011 23:33:20 -0400

On Wednesday, July 13, 2011 09:54:44 PM Patrick Donnelly wrote:
> On Wed, Jul 13, 2011 at 9:47 PM, Steve Litt 
<slitt@troubleshooters.com> wrote:

> >> Your file maker is not better. There is a race condition between
> >> the test to check for the existence of the desired file and the
> >> opening of the file for writing (which creates it).
> >> 
> >> This is why Lua and everyone else uses mkstemp [1].
> >> 
> >> [1]
> >> http://pubs.opengroup.org/onlinepubs/009695399/functions/mkstemp
> >> .h tml
> > 
> > Cool! Where's the documentation on the Lua implementation of
> > mkstemp()?
> 
> os.tmpname uses mkstemp. Look at the source.

os.tmpname() isn't exactly what I want. First, I have no control over 
the filename, and I like that control for debugging and cleaning up 
after ugly crashes. Also, os.tmpname()'s docs say it doesn't open the 
file for write, except on Posix systems. And in fact, to get the file 
handle to write, you need to do io.open(filename, "w"), which doesn't 
give me a warm, fuzzy feeling. Under the circumstances, if I wanted 
something better than my original code with the race condition, I'd 
just make a C module, using mkstemp(template), to interface to Lua.

Thanks

Steve

Steve Litt
Author: The Key to Everyday Excellence
http://www.troubleshooters.com/bookstore/key_excellence.htm
Twitter: http://www.twitter.com/stevelitt

References:
- os.tmpname security risk?, HyperHacker
- Re: os.tmpname security risk?, Steve Litt
- Re: os.tmpname security risk?, Patrick Donnelly

Prev by Date: Re: Forward declaration of a table and (closure) function
Next by Date: Re: [ANN] Lua 5.2.0 (beta) now available
Previous by thread: Re: os.tmpname security risk?
Next by thread: Suggestion: file:write() and other methods should return file
Index(es):
- Date
- Thread