unsafe use of /tmp files
Bug #1119984 reported by Seth Arnold
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
vde2 (Ubuntu) | Triaged | Undecided | Unassigned |
Bug Description
There is an unsafe use of /tmp files in cryptcab:
if ((od = creat ("/tmp/
Note that creat(2) cannot protect against symlink attacks because it does not include the open(2) O_EXCL flag.
It also seems odd to hard code a filename here rather than use mkstemp(3) to generate a random filename and properly create the file (using O_EXCL to open(2)).
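The difference the report describes, as an added example that is not part of the original report or of vde2's source: the same pre-planted symlink is handed to creat(2), to open(2) with O_EXCL, and sidestepped by mkstemp(3). The file names (`victim`, `fixed.tmp`, `out.XXXXXX`) are hypothetical, and everything happens inside a private scratch directory created with mkdtemp(3).

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Pattern from the report: creat() is open(O_WRONLY|O_CREAT|O_TRUNC) with no
 * O_EXCL, so an existing symlink is followed and its target is truncated. */
static int open_unsafe(const char *path) { return creat(path, 0600); }

/* Fixed name, but refuses (EEXIST) if anything, symlink included, is there. */
static int open_excl(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
}

/* The report's suggestion: unpredictable name, created with O_EXCL. */
static int open_mkstemp(char *tmpl) { return mkstemp(tmpl); }

/* Runs one variant (0 = creat, 1 = O_EXCL, 2 = mkstemp) in a scratch dir
 * where the symlink fixed.tmp -> victim already exists.
 * Returns the victim's size afterwards: 6 = untouched, 0 = truncated. */
long victim_size_after(int variant) {
    char dir[] = "/tmp/demoXXXXXX", victim[64], fixed[64], tmpl[64];
    struct stat st;
    if (!mkdtemp(dir)) return -1;
    snprintf(victim, sizeof victim, "%s/victim", dir);
    snprintf(fixed, sizeof fixed, "%s/fixed.tmp", dir);
    snprintf(tmpl, sizeof tmpl, "%s/out.XXXXXX", dir);
    FILE *f = fopen(victim, "w");
    if (!f) return -1;
    fputs("secret", f);               /* constructed 6-byte victim content */
    fclose(f);
    if (symlink(victim, fixed) != 0) return -1;
    int fd = variant == 0 ? open_unsafe(fixed)
           : variant == 1 ? open_excl(fixed) : open_mkstemp(tmpl);
    if (fd >= 0) close(fd);
    long sz = stat(victim, &st) == 0 ? (long)st.st_size : -1;
    unlink(fixed); unlink(victim);
    if (variant == 2) unlink(tmpl);   /* mkstemp filled in the real name */
    rmdir(dir);
    return sz;
}

int main(void) {
    printf("victim size after creat: %ld, O_EXCL: %ld, mkstemp: %ld\n",
           victim_size_after(0), victim_size_after(1), victim_size_after(2));
    return 0;
}
```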
Changed in vde2 (Ubuntu):
status: New → Triaged
information type: Private Security → Public Security
https://sourceforge.net/tracker/?func=detail&aid=3603897&group_id=95403&atid=611248