cvs commit: src/usr.bin/make job.c
Giorgos Keramidas
keramida at freebsd.org
Wed May 18 07:15:03 PDT 2005
On 2005-05-18 01:41, Max Okumoto <okumoto at ucsd.edu> wrote:
> Your idea of using mkdtemp() can be fixed by putting a loop
> around the code. Each time around the loop would be expensive
> but we wouldn't be doing that to often anyway.
>
> loop:
> mkdtemp(template)
> mkfifo(tempalte + "/fifo")
> if error remove temp directory, restore template and loop.
>
> Or better yet, if someone could create an equiv function in libc
> so I don't have to maintain it in make(1) :-) Do any other
> programs need the ability to make a temp fifo?
>
> Personally, I don't think it is a risk, but I wanted other
> peoples opinions, before I tried to fix a non-issue. :-)
Does this really need to be of the form DIR/fifo ?
I haven't looked at the code that uses the fifo at all, so I risk being
extremely out of topic here, but why wouldn't a temporary fifo created
with a name obtained from mkstemp() work too?
A directory won't be needed if the fifo name is created by mkstemp() and
then passed directly to mkfifo(2).
Then there is still a (small?) possibility for a race, but a subsequent
invocation of mkstemp() is almost guaranteed to work, unless mkstemp()
is severely broken.
More information about the freebsd-security
mailing list