===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/Attic/porting.html,v
retrieving revision 1.15
retrieving revision 1.16
diff -u -r1.15 -r1.16
--- www/Attic/porting.html 1998/12/20 17:08:45 1.15
+++ www/Attic/porting.html 1998/12/21 21:48:41 1.16
@@ -95,13 +95,22 @@
strcat/strcpy/strcmp/sprintf
. In general,
sprintf
should be replaced with snprintf
.
-
/tmp
with symbolic links to more strategic files, such as
/etc/passwd
.
+
+ fopen
and freopen
+ create a new file or open an existing file for
+ writing. An attacker may create a symbolic link from
+ /etc/paswd
to /tmp/addrpool_dump
. The
+ instant you open it, your password file is hosed. Yes, even with
+ an unlink
right before. You only narrow the window
+ of opportunity. Use open
with
+ O_CREAT|O_EXCLUDE
and fdopen
instead.
- mktemp
+ mktemp
function. Head the warnings of the bsd linker about its uses.
These must be fixed.
This is not quite as simple as s/mktemp/mkstemp/g
.