Rogier Wolff wrote:
> Martin Schulze wrote:
> > This was not intentional by the author, he tried to use tempfile(1) to
> > create the temporary filename. However, due to a thinko, the name was
> > hardcoded into the script.
> [...]
> > +#NNTPactive=\`tempfile -p active\` #"/tmp/active.\$\$"
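Review bot: the added NNTPactive line starts with "#", so it is a comment and does not itself change how the temporary name is chosen; the assignment that takes effect is not among the quoted lines. The escaped backticks and the escaped "$$" in the trailing comment suggest this text is emitted by a generator, so if the line is kept as documentation, say in a short comment that the escapes are there to defer expansion until the generated script runs; otherwise drop it.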
>
> So now you're using tempfile? This usually yields an easily

No, but now we're using tempfile in a proper way. In the original source
code it was used like:

    NNTPactive=`tempfile -p active`

that led to this code in /usr/bin/newsgroups:

    active=/tmp/activea98b82

This was hardcoded and predictable, thus very bad. Now the program
/usr/bin/newsgroups contains this line:

    active=`tempfile -p active`

which will use /tmp/active9292s for the first call and /tmp/active9x92y
for the second call. tempfile will also check if the file exists and
use a different name otherwise, and will create the file so it can
be used by scripts later on. This ought to be safe.

> predictable filename, for which the same exploits hold. Just keep an
> eye out for the last PID issued, and OK, this time you might need to
> flip a link (provided that tempfile indeed refuses to return a file
> that is currently symlinked.)

It does refuse. However, there is a small chance that it only
does this in Debian, but I hope not.

Regards,
Joey
--
A mathematician is a machine for converting coffee into theorems.
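
The difference described in the message above, between a name fixed when the script is generated and one chosen each time it runs, as an added example that is not part of the original thread or of the package's build scripts. It assumes mktemp(1) as a stand-in for tempfile(1); the generator functions and file names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original thread). mktemp(1) stands in for
# tempfile(1); all function and file names here are hypothetical.

# Broken generator: the backticks are unescaped inside an unquoted
# here-document, so mktemp runs at generation time and one fixed name is
# frozen into the installed script.
gen_broken() {
    cat > "$1" <<EOF
#!/bin/sh
active=`mktemp "${TMPDIR:-/tmp}/active.XXXXXX"`
echo "\$active"
EOF
}

# Fixed generator: backticks and \$ are escaped, so the command itself is
# written out and a fresh file is created (exclusively) on every run.
gen_fixed() {
    cat > "$1" <<EOF
#!/bin/sh
active=\`mktemp "\${TMPDIR:-/tmp}/active.XXXXXX"\` || exit 1
echo "\$active"
EOF
}

# Audit: true if the generated script assigns a literal absolute path.
has_frozen_name() {
    grep -Eq '^active=/' "$1"
}

# Behavioural check: two runs must give two different regular files,
# neither of them a symlink.
distinct_runs() {
    a=$(sh "$1") && b=$(sh "$1") || return 2
    [ "$a" != "$b" ] && [ -f "$a" ] && [ ! -L "$a" ] &&
        [ -f "$b" ] && [ ! -L "$b" ]
}

# Demo in a private scratch directory (subshell keeps TMPDIR local).
(
    work=$(mktemp -d) || exit 1
    TMPDIR=$work; export TMPDIR
    gen_broken "$work/broken.sh"; gen_fixed "$work/fixed.sh"
    for s in broken fixed; do
        if has_frozen_name "$work/$s.sh"; then echo "$s: name frozen at build time"
        else echo "$s: name chosen at run time"; fi
    done
    rm -rf "$work"
)
```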