On 17 March 2013 06:56, Serafeim Zanikolas <s...@debian.org> wrote:
> Hi Francesco,
>
> On Sat, Mar 16, 2013 at 11:25:36PM +0100, Francesco Poli wrote [edited]:
>> On Sat, 16 Mar 2013 12:05:09 +0100 David Kalnischkies wrote:
> [..]
>> > Using a hook-defined fifoname rather than a random fifoname should be
>> > okay as the latter isn't more secure than the former (if an attacker has
>> > root rights to write to it we are doomed anyway …)
>>
>> Please excuse my ignorance: isn't a pre-defined fifoname prone to a
>> symlink attack?
>
> It's prone only in a publicly-writable directory, which is not the case for
> /var/run.
>
>> > and in fact creating
>> > a randomly named fifo could be hard in practice …
>>
>> Isn't there anything like mkstemp(3) for named pipes?
>
> I'm not aware of any -- but we can get away without one anyway.

The data can be passed through an open fd, similar to dpkg's --status-fd
argument. Then there are no issues due to the filesystem's global namespace,
and it removes the fs as an unrequired middle-man.

>> > I guess the apt-listbugs patch is just for testing, but I say it
>> > nonetheless:
>> > It would be good if at least apt-listbugs/wheezy would support both so we
>> > don't create backport problems that early in the (not even started) wheezy
>> > release cycle. ;)
>>
>> At this point of the wheezy freeze, I cannot introduce any change into
>> apt-listbugs/wheezy, except for those that fix important or RC bugs.

Due to this issue and the current work-around for #662983, the functionality
of the package is severely downgraded. Introducing a new interface (named pipe
or open fd) is desirable for the reasons David says, and has potential for
wheezy especially if backed by the apt developers.

Regards
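
The open-fd approach suggested in the message above, as an added example that is not part of the original thread and is not apt's or apt-listbugs' code: a parent hands package data to a hook over an inherited anonymous pipe, so no fifo name ever exists in the filesystem. The hook, its argv[1] convention and the sample package lines are constructed for illustration.

```python
import os
import subprocess
import sys

# Constructed stand-in for a hook such as apt-listbugs (hypothetical
# interface, not apt's real hook protocol): argv[1] is the number of an
# inherited descriptor; the hook reads it to EOF, then reports each line.
HOOK_SOURCE = r"""
import os, sys
with os.fdopen(int(sys.argv[1]), "r", encoding="utf-8") as src:
    lines = src.read().splitlines()
for line in lines:
    print("hook saw: " + line)
"""


def run_hook_with_fd(package_lines):
    """Feed package_lines to the hook over an anonymous pipe; return its stdout."""
    # os.pipe() has no filesystem name, so there is no path to pre-create,
    # symlink or race, and no random name to generate.
    read_fd, write_fd = os.pipe()
    try:
        hook = subprocess.Popen(
            [sys.executable, "-c", HOOK_SOURCE, str(read_fd)],
            pass_fds=(read_fd,),  # inherit the read end only, same fd number
            stdout=subprocess.PIPE,
            text=True,
        )
    except BaseException:
        os.close(write_fd)
        raise
    finally:
        os.close(read_fd)  # the parent never needs the read end
    # The write end is not inherited (close_fds defaults to True), so closing
    # it here is what delivers EOF to the hook.
    with os.fdopen(write_fd, "w", encoding="utf-8") as sink:
        sink.writelines(line + "\n" for line in package_lines)
    output, _ = hook.communicate()
    if hook.returncode != 0:
        raise RuntimeError(f"hook exited with status {hook.returncode}")
    return output


if __name__ == "__main__":
    # Constructed sample input, not real apt output.
    print(run_hook_with_fd(["pkg-a 1.0 2.0", "pkg-b 0.3 0.4"]), end="")
```

The hook here reads all of its input before writing anything, which keeps the two pipes from deadlocking on large inputs; a streaming hook would need the parent to drain stdout concurrently.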