Re: Uploaded devscripts 2.0.0 (source all) to master

To: Martin Bialasinski <martin@internet-treff.uni-koeln.de>
Cc: Debian Developerslist <debian-devel@lists.debian.org>
Subject: Re: Uploaded devscripts 2.0.0 (source all) to master
From: Joey Hess <joey@kitenet.net>
Date: Thu, 7 Jan 1999 15:08:21 -0800
Message-id: <[🔎] 19990107150821.W31787@kitenet.net>
Mail-followup-to: Martin Bialasinski <martin@internet-treff.uni-koeln.de>, Debian Developerslist <debian-devel@lists.debian.org>
In-reply-to: <[🔎] m0zyO9E-0003kCC@haitech.martin.home>; from Martin Bialasinski on Thu, Jan 07, 1999 at 11:43:24PM +0100
References: <[🔎] m0zyN4S-000InqC@polya> <[🔎] 874sq2iurz.fsf@nocrew.org> <[🔎] m0zyO9E-0003kCC@haitech.martin.home>

Martin Bialasinski wrote:
> I am also not sure what the problem is. Somone pointed out, that if
> the situation is:
> 
> cd /tmp
> touch abc
> ln -s abc def
> 
> then writing to def would host abc. Ok so far.
> 
> I would program this so:
> 
> rm def
> if not successfull then bail out
> create def
> if not successfull than bail out
> write to def
> 
> Is this unsave? Why?

Race condition.

Please, read up on general /tmp security issues before even thinking about
using files in /tmp. Does anyone have any good urls?

-- 
see shy jo

Reply to:

Follow-Ups:
- Re: Uploaded devscripts 2.0.0 (source all) to master
  - From: Wichert Akkerman <wakkerma@cs.leidenuniv.nl>

References:
- Re: Uploaded devscripts 2.0.0 (source all) to master
  - From: jdg@maths.qmw.ac.uk (Julian Gilbey)
- Re: Uploaded devscripts 2.0.0 (source all) to master
  - From: James Troup <james@nocrew.org>
- Re: Uploaded devscripts 2.0.0 (source all) to master
  - From: martin@internet-treff.uni-koeln.de (Martin Bialasinski)

Prev by Date: Re: PROPOSAL: dpkg-logger and related
Next by Date: Re: PROPOSAL: dpkg-logger and related
Previous by thread: Re: Uploaded devscripts 2.0.0 (source all) to master
Next by thread: Re: Uploaded devscripts 2.0.0 (source all) to master
Index(es):
- Date
- Thread