cottrell@nbs-vms.ARPA (08/22/85)
/* > (what happens when you get the same pid > as someone else did earlier?). > -- > In-Real-Life: Chris Torek, Univ of MD Comp Sci Dept (+1 301 454 4251) What? You mean the machine actually stays up that long? :-) What? You mean the old process is still around too? :-) How about Floating Point PIDs? :-) ** 2 jim cottrell@nbs */ ------
thomas@utah-gr.UUCP (Spencer W. Thomas) (08/23/85)
>> (what happens when you get the same pid >> as someone else did earlier?). This can happen very easily: Process X does a mktemp (or tmpnam), then execs another program that also wants to mktemp (or tmpnam). It's still got the same PID! -- =Spencer ({ihnp4,decvax}!utah-cs!thomas, thomas@utah-cs.ARPA) "To feel at home, stay at home. A foreign country is not designed to make [one] comfortable. It's designed to make its own people comfortable." Clifton Fadiman
peter@baylor.UUCP (Peter da Silva) (08/29/85)
> >> (what happens when you get the same pid > >> as someone else did earlier?). > > This can happen very easily: Process X does a mktemp (or tmpnam), then > execs another program that also wants to mktemp (or tmpnam). It's still > got the same PID! Yes, but at this point the first program isn't there, and had better have cleaned up its temp files first. Someone mentioned a security problem, using a scenario like this: cracker observes root preparing to edit /etc/passwd cracker creates a bunch of files in /tmp with the same name and so on as the editor, pids increasing fron current pid to some large number. editor creates temp files & cracker has read/write access to same. This is about the only situation I can see where mktemp does anything worthwhile that sprintf("/tmp/foo%dx%d", getpid(), i++) doesn't. Of course in a case like this vipw should really create a nameless file. -- Peter (Made in Australia) da Silva UUCP: ...!shell!neuro1!{hyd-ptd,baylor,datafac}!peter MCI: PDASILVA; CIS: 70216,1076
garys@bunker.UUCP (Gary M. Samuelson) (09/10/85)
> Someone mentioned a security problem, using a scenario like this: > > cracker observes root preparing to edit /etc/passwd > cracker creates a bunch of files in /tmp with the same name > and so on as the editor, pids increasing fron current pid to some large > number. > editor creates temp files & cracker has read/write access to same. How will said cracker have read/write access to the file the editor created? The fact that there used to be a different file of the same name is irrelevant, isn't it? > This is about the only situation I can see where mktemp does anything > worthwhile that sprintf("/tmp/foo%dx%d", getpid(), i++) doesn't. Of course > in a case like this vipw should really create a nameless file. A nameless file? What is that? How does one create/open/unlink it? > Peter (Made in Australia) da Silva Gary Samuelson ittatc!bunker!garys