kxkb speedups for stable branch
Adriaan de Groot
adridg at cs.kun.nl
Sun Jun 23 14:32:00 BST 2002
On Saturday 22 June 2002 18:13, you wrote:
> > 3) Is there a teeny-tiny race condition where you use the KTempFile to
> > create a filename for the temporary stuff and then later use that
> > filename?
>
> I considered it and realized its not a problem, since KTempFile creates
> a random file which currently doesn't exist and the chances that someone
> will place a symlink right between the object creation and file creation
> are non-existant.
Actually, that's the very definition of a race condition. A determined
attacker is going to _try_hard_ to create that symlink, and overwrite some
useful file of yours with xkbd output. "The chances" are definitely _not_
non-existent. They may be miniscule, but with security issues you need to
avoid even the minuscule chances.
I'd say "put this in, and then deal with the security thing before the next
release."
Probably the easiest way to deal with the security thing is to keep the
KTempFile object around until the KProcess exits. Then you know that you
really do have a unique and safe temporary filename. You may need to get the
xkbd compiler to output to stdout instead of to a named file and redirect
stdout to your temp file by hand.
--
KDE on FreeBSD : freebsd.kde.org
KDE with Palm Pilots : www.slac.com/~pilone/kpilot_home
More information about the kde-core-devel
mailing list