[cap-talk] Reducing Ambient user authority in a Type Safe /Memory Safe OS.
Dominique Quatravaux
domq at cpan.org
Fri Dec 18 07:39:59 PST 2009
On Fri, Dec 18, 2009 at 1:58 PM, Marcus Brinkmann <
marcus.brinkmann at ruhr-uni-bochum.de> wrote:
> Rob Meijer wrote:
> > The process of creating an anonymous file to my knowledge still uses
> > linking into a namespace that is vulnerable to race condition attacks.
>
> It's only vulnerable if used incorrectly ever since O_EXCL was added, see
> mkstemp(3).
>
O_EXCL doesn't work on NFS, which is one of the reasons mkstemp(3) exists in
the first place.
--
Dominique Quatravaux
+41 79 609 40 72
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.eros-os.org/pipermail/cap-talk/attachments/20091218/6ae958e4/attachment.html
More information about the cap-talk
mailing list