Path: utzoo!attcan!uunet!vsi!friedl From: friedl@vsi.COM (Stephen J. Friedl) Newsgroups: comp.unix.wizards Subject: Re: TMPDIR (was Re: Nasty Security Hole?) Summary: access(2) dammit / careful with tempnam(3) Keywords: mail permissions security Message-ID: <955@vsi.COM> Date: 29 Nov 88 19:42:57 GMT References: <175@ernie.NECAM.COM> <189@wyn386.UUCP> <2955@ingr.UUCP> <755@quintus.UUCP> Distribution: na Organization: V-Systems, Inc. -- Santa Ana, CA Lines: 25 In article <755@quintus.UUCP>, ok@quintus.uucp (Richard A. O'Keefe) writes: > > See TEMPNAM(BA_LIB) in the SVID. > char *tempnam(char *dir, char *prefix) > If TMPDIR is defined in the user's environment and can be used, use that. > If dir is non-NULL and names a usable directory, use that. > If P_tmpdir (in, usually /usr/tmp/) is usable, use that. > Use /tmp only as a last resort. > (Yes, that's right, $TMPDIR over-rides the dir argument.) An important note about tempnam(3): some (all?) implementations use access(2) to determine if the user has permission to use the temporary directory so mentioned. This can cause problems in a setuid/setgid environment where the effective uid/gid has permission to the dir but the real, underlying uid/gid does not. Another reason why you should require a license to use access(2). Steve -- Steve Friedl V-Systems, Inc. +1 714 545 6442 3B2-kind-of-guy friedl@vsi.com {backbones}!vsi.com!friedl attmail!vsi!friedl --------Nancy Reagan on access(2): "Just say NO F**KING WAY"------- :wq!