path: root/lib/libc/stdio/mktemp.3
author imp <imp@FreeBSD.org> 1998-02-13 02:13:24 +0000
committer imp <imp@FreeBSD.org> 1998-02-13 02:13:24 +0000
commit 9461b07207276f197a45e7ed0bc94bda8106f779
tree bf29f53d22853e188a325419db4e6bdeecab1744 /lib/libc/stdio/mktemp.3
parent b31dde27bfeaed94b1026c0788c4e98b1af47f3c
Many security improvements from OpenBSD:
	implement mkdtemp
	improve man page for mk*temp
	use arc4random to seed extra XXX's randomly
	Optionally warn of unsafe mktemp uses
From various commits by Theo de Raadt and Todd Miller.

Obtained from: OpenBSD
This should go into 2.2 after a testing period.
Diffstat (limited to 'lib/libc/stdio/mktemp.3')
-rw-r--r-- lib/libc/stdio/mktemp.3 52
1 files changed, 41 insertions, 11 deletions
diff --git a/lib/libc/stdio/mktemp.3 b/lib/libc/stdio/mktemp.3
index 28a662d..50d7de4 100644
--- a/lib/libc/stdio/mktemp.3
+++ b/lib/libc/stdio/mktemp.3
@@ -31,7 +31,7 @@
.\"
.\" @(#)mktemp.3 8.1 (Berkeley) 6/4/93
.\"
-.Dd June 4, 1993
+.Dd February 11, 1998
.Dt MKTEMP 3
.Os
.Sh NAME
@@ -43,6 +43,8 @@
.Fn mktemp "char *template"
.Ft int
.Fn mkstemp "char *template"
+.Ft char *
+.Fn mkdtemp "char *template"
.Sh DESCRIPTION
The
.Fn mktemp
@@ -78,11 +80,18 @@ makes the same replacement to the template and creates the template file,
mode 0600, returning a file descriptor opened for reading and writing.
This avoids the race between testing for a file's existence and opening it
for use.
+.Pp
+The
+.Fn mkdtemp
+function makes the same replacement to the template as in
+.Xr mktemp 3
+and creates the template directory, mode 0700.
.Sh RETURN VALUES
The
.Fn mktemp
-function
-returns a pointer to the template on success and
+and
+.Fn mkdtemp
+functions return a pointer to the template on success and
.Dv NULL
on failure.
The
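Review bot: In the new mkdtemp paragraph, ".Xr mktemp 3" is a cross-reference to this same manual page; ".Fn mktemp" would match how the rest of the page names the function. The paragraph could also state for directories what the preceding mkstemp text states for files, that creating the object inside the call avoids the race between testing for existence and creating it, so readers see why mkdtemp is preferable to calling mktemp and then mkdir(2).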
@@ -93,9 +102,9 @@ If either call fails an error code is placed in the global variable
.Va errno .
.Sh ERRORS
The
-.Fn mktemp
-and
.Fn mkstemp
+and
+.Fn mkdtemp
functions
may set
.Va errno
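Review bot: Replacing ".Fn mktemp" with ".Fn mkdtemp" in this ERRORS sentence leaves mktemp with no documented errno value, while RETURN VALUES above still says it returns NULL on failure. If mktemp no longer performs the check behind this error, the page should say what a caller can expect in errno after a NULL return; otherwise list all three functions here. The second ERRORS sentence in the next hunk has the same gap.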
@@ -106,9 +115,9 @@ The pathname portion of the template is not an existing directory.
.El
.Pp
The
-.Fn mktemp
-and
.Fn mkstemp
+and
+.Fn mkdtemp
functions
may also set
.Va errno
@@ -124,12 +133,22 @@ may also set
to any value specified by the
.Xr open 2
function.
+.Pp
+The
+.Fn mkdtemp
+function
+may also set
+.Va errno
+to any value specified by the
+.Xr mkdir 2
+function.
.Sh NOTES
A common problem that results in a core dump is that the programmer
passes in a read-only string to
-.Fn mktemp
-or
-.Fn mkstemp .
+.Fn mktemp ,
+.Fn mkstemp
+or
+.Fn mkdtemp .
This is common with programs that were developed before
.St -ansiC
compilers were common.
@@ -146,13 +165,24 @@ so that it will store string constants in a writable segment of memory.
See
.Xr gcc 1
for more information.
+.Sh BUGS
+An attacker can guess the filenames produced by
+.Fn mktemp .
+Whenever it is possible
+.Fn mkstemp
+should be used instead.
.Sh SEE ALSO
.Xr chmod 2 ,
.Xr getpid 2 ,
+.Xr mkdir 2 ,
.Xr open 2 ,
.Xr stat 2
.Sh HISTORY
A
-.Nm mktemp
+.Fn mktemp
function appeared in
.At v7 .
+The
+.Fn mkdtemp
+function first appeared in
+.Ox 2.2 .
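Review bot: The new BUGS section directs callers only to ".Fn mkstemp", but this change also adds ".Fn mkdtemp", which is the matching replacement when a directory is needed and should be named alongside it. The text would also be more useful if it said why a guessable name matters, by tying it to the race between testing for a file's existence and opening it that DESCRIPTION already mentions. Separately, the commit message says the extra X's are now filled using arc4random, yet nothing in the page mentions it and SEE ALSO still lists only ".Xr getpid 2" as the source of the name; documenting the new behaviour would help readers judge how predictable the names are.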