os/doc
3
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Fix bogus mkstemp() reference.

Browse source 
Spotted by:	Jun Kuriyama <kuriyama@sky.rim.or.jp>
This commit is contained in:
Jordan K. Hubbard 1999-09-06 22:51:27 +00:00
parent 945df9d6a0
commit 7c67a5f6bb
Notes: svn2git 2020-12-08 03:00:23 +00:00 
svn path=/www/; revision=5557
3 changed files with 15 additions and 15 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
en/security/advisories.xml
View file

@ -1,10 +1,10 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN" [
<!ENTITY base CDATA "..">
<!ENTITY date "$FreeBSD$">
<!ENTITY date "$FreeBSD: www/en/security/security.sgml,v 1.13 1999/09/06 07:02:58 peter Exp $">
<!ENTITY title "FreeBSD Security Information">
<!ENTITY % includes SYSTEM "../includes.sgml"> %includes;
]>
<!-- $FreeBSD$ -->
<!-- $FreeBSD: www/en/security/security.sgml,v 1.13 1999/09/06 07:02:58 peter Exp $ -->
<html>
&header;
@ -208,14 +208,14 @@ your program reads environment variables, be paranoid. Be very paranoid!
is a symbolic link?"
<P></P></LI>
<LI>Make sure to use mkstemp() instead of mktemp(), tempnam(), mkstemp() and
etc. Also make sure to look for races in /tmp in general, being aware that
<LI>Make sure to use mkstemp() instead of mktemp(), tempnam(), etc.
Also make sure to look for races in /tmp in general, being aware that
there are very few things which can be atomic in /tmp:
<UL>
<LI>Creating a directory. This will either succeed or fail.</LI>
<LI>Opening a file O_CREAT | O_EXECL</LI>
</UL>
If you use mkstemp - above cases will be properly handled for you. Hence
If you use mkstemp() - above cases will be properly handled for you. Hence
all temp files should use mkstemp() to guarantee there is not race
condition and that the permissions are correct.
<P></P></LI>

10
en/security/security.sgml
View file

@ -1,10 +1,10 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN" [
<!ENTITY base CDATA "..">
<!ENTITY date "$FreeBSD$">
<!ENTITY date "$FreeBSD: www/en/security/security.sgml,v 1.13 1999/09/06 07:02:58 peter Exp $">
<!ENTITY title "FreeBSD Security Information">
<!ENTITY % includes SYSTEM "../includes.sgml"> %includes;
]>
<!-- $FreeBSD$ -->
<!-- $FreeBSD: www/en/security/security.sgml,v 1.13 1999/09/06 07:02:58 peter Exp $ -->
<html>
&header;
@ -208,14 +208,14 @@ your program reads environment variables, be paranoid. Be very paranoid!
is a symbolic link?"
<P></P></LI>
<LI>Make sure to use mkstemp() instead of mktemp(), tempnam(), mkstemp() and
etc. Also make sure to look for races in /tmp in general, being aware that
<LI>Make sure to use mkstemp() instead of mktemp(), tempnam(), etc.
Also make sure to look for races in /tmp in general, being aware that
there are very few things which can be atomic in /tmp:
<UL>
<LI>Creating a directory. This will either succeed or fail.</LI>
<LI>Opening a file O_CREAT | O_EXECL</LI>
</UL>
If you use mkstemp - above cases will be properly handled for you. Hence
If you use mkstemp() - above cases will be properly handled for you. Hence
all temp files should use mkstemp() to guarantee there is not race
condition and that the permissions are correct.
<P></P></LI>

10
share/sgml/advisories.xml
View file

@ -1,10 +1,10 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN" [
<!ENTITY base CDATA "..">
<!ENTITY date "$FreeBSD$">
<!ENTITY date "$FreeBSD: www/en/security/security.sgml,v 1.13 1999/09/06 07:02:58 peter Exp $">
<!ENTITY title "FreeBSD Security Information">
<!ENTITY % includes SYSTEM "../includes.sgml"> %includes;
]>
<!-- $FreeBSD$ -->
<!-- $FreeBSD: www/en/security/security.sgml,v 1.13 1999/09/06 07:02:58 peter Exp $ -->
<html>
&header;
@ -208,14 +208,14 @@ your program reads environment variables, be paranoid. Be very paranoid!
is a symbolic link?"
<P></P></LI>
<LI>Make sure to use mkstemp() instead of mktemp(), tempnam(), mkstemp() and
etc. Also make sure to look for races in /tmp in general, being aware that
<LI>Make sure to use mkstemp() instead of mktemp(), tempnam(), etc.
Also make sure to look for races in /tmp in general, being aware that
there are very few things which can be atomic in /tmp:
<UL>
<LI>Creating a directory. This will either succeed or fail.</LI>
<LI>Opening a file O_CREAT | O_EXECL</LI>
</UL>
If you use mkstemp - above cases will be properly handled for you. Hence
If you use mkstemp() - above cases will be properly handled for you. Hence
all temp files should use mkstemp() to guarantee there is not race
condition and that the permissions are correct.
<P></P></LI>