Re: Issues with /tmp/mc-$USER directory

From: Pavel Roskin <proski gnu org>
To: Koblinger Egmont <egmont uhulinux hu>
Cc: mc-devel gnome org
Subject: Re: Issues with /tmp/mc-$USER directory
Date: Wed, 25 Dec 2002 19:18:01 -0500 (EST)

Hello!

> Recent snapshots (2002-12-23-17 and similar ones) of mc create the
> directory /tmp/mc-$USER. (src/utilunix.c: mc_tmpdir())
>
> This is a bad idea, since another user may create this directory with
> arbitrary permissions and files in it, causing mc to misbehave for me.

Yes, I can reproduce this problem.  I was going to release 4.6.0-pre2
today, but now I have to delay it until this security issue is fixed.

I don't want to delete the directory on exit because there are many
reasons why mc can exit (including crash and killing it when rebooting the
system).  Considering that the temporary directory may have huge files in
it, I would prefer to have a fixed name for it, so that it could be easily
cleaned up by scripts if mc exists without cleaning some files.

I completely agree that using home is not a good idea for NFS based
systems.

Let's separate the security issue from everything else and address it as
soon as possible, ideally without any other changes and without using any
non-portable functions.

mkdtemp would be great if it was more portable.  "info libc" says it comes
from OpenBSD, so I don't think you can find mkdtemp on every UNIX.

It is important to have a fallback for the case if something is wrong with
the temporary directory.  Midnight Commander should be useful even on
systems with all filesystems mounted read-only.

Any help with this fix will be appreciated.  All other issues have been
addressed.  As soon as this issue is fixed, 4.6.0-pre2 will be released.

-- 
Regards,
Pavel Roskin

Follow-Ups:
- Re: Issues with /tmp/mc-$USER directory
  - From: Koblinger Egmont

References:
- Issues with /tmp/mc-$USER directory
  - From: Koblinger Egmont

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]