author | Todd C. Miller <millert@cvs.openbsd.org> | 2005-05-27 17:45:57 +0000 |
---|---|---|
committer | Todd C. Miller <millert@cvs.openbsd.org> | 2005-05-27 17:45:57 +0000 |
commit | 5d05f9ab43992c83f5ea86e6f65ba7b0d82ceeac (patch) | |
tree | 08dacad99573eed60c6d3a25e3693f605b0f5286 | |
parent | 41328c09e266d4a15f2fdccc2afd06dc3575e0e1 (diff) |
mktemp(3) et al. go in stdlib.h, not unistd.h. While there be more
explicit about mktemp(3) in the man page.
-rw-r--r-- | include/stdlib.h | 6 | ||||
-rw-r--r-- | include/unistd.h | 6 | ||||
-rw-r--r-- | lib/libc/stdio/mktemp.3 | 38 |
3 files changed, 33 insertions, 17 deletions
diff --git a/include/stdlib.h b/include/stdlib.h index 8fdec7e2e99..244764cc99e 100644 --- a/include/stdlib.h +++ b/include/stdlib.h @@ -1,4 +1,4 @@ -/* $OpenBSD: stdlib.h,v 1.33 2005/05/11 18:44:12 espie Exp $ */ +/* $OpenBSD: stdlib.h,v 1.34 2005/05/27 17:45:56 millert Exp $ */ /* $NetBSD: stdlib.h,v 1.25 1995/12/27 21:19:08 jtc Exp $ */ /*- @@ -122,6 +122,10 @@ ldiv_t ldiv(long, long); long long llabs(long long); void *malloc(size_t); +char *mkdtemp(char *); +int mkstemp(char *); +int mkstemps(char *, int); +char *mktemp(char *); void qsort(void *, size_t, size_t, int (*)(const void *, const void *)); int rand(void); int rand_r(unsigned int *); diff --git a/include/unistd.h b/include/unistd.h index 30329fc8abd..56a85a1521b 100644 --- a/include/unistd.h +++ b/include/unistd.h @@ -1,4 +1,4 @@ -/* $OpenBSD: unistd.h,v 1.52 2004/01/13 18:10:53 millert Exp $ */ +/* $OpenBSD: unistd.h,v 1.53 2005/05/27 17:45:56 millert Exp $ */ /* $NetBSD: unistd.h,v 1.26.4.1 1996/05/28 02:31:51 mrg Exp $ */ /*- @@ -165,10 +165,6 @@ int initgroups(const char *, gid_t); int iruserok(u_int32_t, int, const char *, const char *); int iruserok_sa(const void *, int, int, const char *, const char *); int lchown(const char *, uid_t, gid_t); -char *mkdtemp(char *); -int mkstemp(char *); -int mkstemps(char *, int); -char *mktemp(char *); int nfssvc(int, void *); int nice(int); void psignal(unsigned int, const char *); diff --git a/lib/libc/stdio/mktemp.3 b/lib/libc/stdio/mktemp.3 index 50ef13e896c..6d65ef74185 100644 --- a/lib/libc/stdio/mktemp.3 +++ b/lib/libc/stdio/mktemp.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: mktemp.3,v 1.34 2003/10/17 09:50:18 jmc Exp $ +.\" $OpenBSD: mktemp.3,v 1.35 2005/05/27 17:45:56 millert Exp $ .\" .\" Copyright (c) 1989, 1991, 1993 .\" The Regents of the University of California. All rights reserved. 
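Review bot: In the stdlib.h hunk at `@@ -122,6 +122,10 @@`, the `mktemp()` prototype is added beside `mkstemp()` with nothing at the declaration to mark it as the racy one. The man page change in this same commit says it only generates a name, leaving a window in which another process can open the file, and that it should not be used in new code. I would say so in the header as well, e.g. `char *mktemp(char *); /* legacy: name only, racy; use mkstemp(3) */`. Separately, the same four prototypes are deleted from unistd.h, so a caller that includes only `<unistd.h>` would now see no declaration. For `mktemp()` and `mkdtemp()` an implicit `int` return would truncate the `char *` on 64-bit platforms, so the tree probably wants a build with implicit-declaration warnings enabled to find such callers. The neighbouring declarations (`malloc`, `qsort`) are ISO C while `mkdtemp` and `mkstemps` are not, so it is worth confirming the new lines sit under whatever visibility conditional the header uses; that is not visible in this hunk.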
@@ -37,7 +37,7 @@ .Nm mkdtemp .Nd make temporary file name (unique) .Sh SYNOPSIS -.Fd #include <unistd.h> +.Fd #include <stdlib.h> .Ft char * .Fn mktemp "char *template" .Ft int @@ -49,23 +49,22 @@ .Sh DESCRIPTION The .Fn mktemp -function takes the given file name template and overwrites a portion of it -to create a file name. +family of functions take the given file name template and overwrite +a portion of it to create a new file name. This file name is unique and suitable for use by the application. The template may be any file name with some number of .So Li X .Sc Ns s appended to it, for example -.Pa /tmp/temp.XXXX . +.Pa /tmp/temp.XXXXXX . The trailing .So Li X .Sc Ns s are replaced with the current process number and/or a unique letter combination. -The number of unique file names -.Fn mktemp -can return depends on the number of +The number of unique file names that +can be returned depends on the number of .So Li X .Sc Ns s provided; six @@ -81,6 +80,23 @@ At least 6 should be used, though 10 is much better. .Pp The +.Fn mktemp +function generates a temporary file name based on a template as +described above. +Because +.Fn mktemp +does not actually create the temporary file there is a window of +opportunity during which another process can open the file instead. +Because of this race condition the +.Fn mktemp +should not be used in new code. +.Fn mktemp +was marked as a legacy interface in +.St -p1003.1-2001 +and may be removed in a future release of +.Ox . +.Pp +The .Fn mkstemp function makes the same replacement to the template and creates the template file, mode 0600, returning a file descriptor opened for reading and writing. @@ -162,7 +178,7 @@ code which calls .Xr open 2 or .Xr fopen 3 -on that filename will occur much later. +on that file name will occur much later. (In almost all cases, the use of .Xr fopen 3 will mean that the flags 
@@ -204,7 +220,7 @@ functions may set to one of the following values: .Bl -tag -width Er .It Bq Er ENOTDIR -The pathname portion of the template is not an existing directory. +The path name portion of the template is not an existing directory. .El .Pp The @@ -288,7 +304,7 @@ device) that the attacker has created in the expected file location. Hence .Fn mkstemp is recommended, since it atomically creates the file. -An attacker can guess the filenames produced by +An attacker can guess the file names produced by .Fn mktemp . Whenever it is possible, .Fn mkstemp |