Creating and closing a temporary file, only to open it again later exposes you to a well known symlink attack. Basically, if an attacker knows (or can guess) the temp filename they can replace it with a symlink to another file (e.g., /etc/passwd) to potentially reveal the contents of the file or overwrite it.
Sent from my iPad > On Nov 28, 2014, at 3:50 AM, Dong Tan <[email protected]> wrote: > > Dears, > > I recently covered an old project which used cupsTempFile(), isn't support in > CUPS 2.0.0/OS X 10.10. > The design of old project is based on temporary file path not file > descriptor, so I just used cupsTempFd() to get temporary file path and close > it, to make the project working on CUPS 2.0.0/OS X 10.10. > > I check the source code of cupsTempFile() in earlier CUPS, found it just call > cupsTempFd(), and close the file descriptor. So, I wonder if my change has > some unpredictable error. > I know there must be some reason to remove support of cupsTempFile(), I just > want to know why, in order to avoid similar error. > _______________________________________________ > Do not post admin requests to the list. They will be ignored. > Printing mailing list ([email protected]) > Help/Unsubscribe/Update your Subscription: > https://lists.apple.com/mailman/options/printing/msweet%40apple.com > > This email sent to [email protected] _______________________________________________ Do not post admin requests to the list. They will be ignored. Printing mailing list ([email protected]) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/printing/archive%40mail-archive.com This email sent to [email protected]
