Issues with /tmp/mc-$USER directory

From: Koblinger Egmont <egmont uhulinux hu>
To: mc-devel gnome org
Subject: Issues with /tmp/mc-$USER directory
Date: Wed, 25 Dec 2002 23:46:38 +0100 (CET)

Hi!

Recent snapshots (2002-12-23-17 and similar ones) of mc create the
directory /tmp/mc-$USER. (src/utilunix.c: mc_tmpdir())

This is a bad idea, since another user may create this directory with
arbitrary permissions and files in it, causing mc to misbehave for me.

Whenever a temporary file or directory is used under /tmp or $TMPDIR, the
library calls mkstemp() or mkdtemp() should be used.

Alternatively, a directory or file under the user's home can be used, but
this raises more issues: the file name should contain at least the PID and
the hostname, so that two mc's running on different hosts sharing the same
home over NFS do not disturb each other. Also it should be taken to
account that locking and atomicity might be poor over network filesystems.
Large files should not be kept there (because of possible low user quota
or low network bandwidth). However, the file created for the -P option
might go here for example, but /tmp is good, too.

For VFS-created temporary files a directory created by mkdtemp() could be
a good solution. Since this directory is only used by one mc process, it
should be (recursively) removed when quitting mc.

Currently the argument of the -P option is opened with the O_EXCL flag
(src/main.c line 2359).  This has no problem as long as this file sits
under a directory which is guaranteed to be owned by me (as it isn't now),
but I don't see any advantages of it as soon as the directory is sure
mine. (Currently the directory can be owned by another user, in which case
the lack of that O_EXCL flag could let him destroy any of my files
(creating a symlink there)). However, that O_EXCL flag does cause some
problems. First: I can't use mktemp from the wrapper shell script to
create a file that is owned by me and later let mc use that one for its -P
option. Second: I can't use /dev/stdout or /dev/stderr there.

To summarize all these:

temporary directory should be created by mkdtemp(),
it should be removed at exit,
O_EXCL should IMHO be removed when opening the -P file,
the wrapper script should use a file under the user's home, or a file
created by the mktemp command.




cheers,
Egmont Koblinger

UHU Linux (Hungarian Linux Distribution)
www.uhulinux.hu

Follow-Ups:
- Re: Issues with /tmp/mc-$USER directory
  - From: Pavel Roskin
- Re: Issues with /tmp/mc-$USER directory
  - From: Tomasz Kłoczko

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]