mkstemp() under Linux claims to conform to BSD4.3, but BSDs (FreeBSD and
OpenBSD, at least) seem to have a slightly different behavior. Under Linux,
new files are created with mode 0666, while under BSDs new files are created
with mode 0600. A user need only set his umask to 0 and he will be able to
write to temp files created with mkstemp() by suid root programs, unless the
suid root programs set their own umask. This is probably not a major
problem for any apps, but it's something everyone should note when porting
security-sensitive apps to Linux from BSDs (and possibly other platforms).
A quick check shows that mkstemp() is implemented in glibc2.0.7-pre1 using
0666 as well, but that was just from a perfunctory glance at the code --
something may be going on that I didn't notice.
Greg Alexander - also <gralexan@indiana.edu> - http://sietch.home.ml.org/
----
Any sufficiently advanced bug is indistinguishable from a feature.
-- Rich Kulawiec
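
An added example (not part of the original post, and not glibc's code): a C wrapper that makes the temp file's mode independent of the inherited umask, the mitigation the post alludes to with "unless the suid root programs set their own umask". The names private_mkstemp and private_mkstemp_perms and the /tmp template are assumptions made for this illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/stat.h>

/* Create a temp file from tmpl ("...XXXXXX") that only the owner can access,
 * whatever umask the caller inherited. Returns an fd, or -1 on failure.
 * Note: umask() is process-wide, so call this before starting threads. */
int private_mkstemp(char *tmpl)
{
    mode_t old = umask(077);      /* strip group/other bits at creation time */
    int fd = mkstemp(tmpl);
    umask(old);                   /* restore the caller's umask */
    if (fd < 0)
        return -1;

    struct stat st;
    /* Verify instead of trusting libc: the post describes an
     * implementation that requests mode 0666. */
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) ||
        ((st.st_mode & 077) != 0 && fchmod(fd, S_IRUSR | S_IWUSR) != 0)) {
        close(fd);
        unlink(tmpl);
        return -1;
    }
    return fd;
}

/* Demonstration helper (hypothetical): permission bits of a file made by
 * private_mkstemp() while the process umask is `mask`; -1 on error. */
int private_mkstemp_perms(mode_t mask)
{
    char path[] = "/tmp/mkstemp-demo-XXXXXX";  /* constructed sample path */
    mode_t old = umask(mask);     /* simulate the user-controlled umask */
    int fd = private_mkstemp(path);
    struct stat st;
    int perms = -1;
    if (fd >= 0) {
        if (fstat(fd, &st) == 0)
            perms = (int)(st.st_mode & 0777);
        close(fd);
        unlink(path);
    }
    umask(old);
    return perms;
}

int main(void)
{
    printf("umask 0 -> %04o\n", (unsigned)private_mkstemp_perms(0));
    return 0;
}
```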