Date: Thu, 25 Jan 2007 20:26:55 +0300 (MSK) From: Anton Yuzhaninov <citrin@rambler-co.ru> To: FreeBSD-gnats-submit@FreeBSD.org Subject: docs/108346: tmpnam(3) should note that that TMPDIR env may be ignored Message-ID: <200701251726.l0PHQtMF032732@mf1.rambler.ru> Resent-Message-ID: <200701251740.l0PHeMmL079570@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 108346 >Category: docs >Synopsis: tmpnam(3) should note that that TMPDIR env may be ignored >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-doc >State: open >Quarter: >Keywords: >Date-Required: >Class: doc-bug >Submitter-Id: current-users >Arrival-Date: Thu Jan 25 17:40:21 GMT 2007 >Closed-Date: >Last-Modified: >Originator: Anton Yuzhaninov >Release: FreeBSD 6.2-RELEASE amd64 >Organization: Rambler >Environment: >Description: tmpnam(3) should note that that tmpfile() ignore TMPDIR environment variable if issetugid(3) return non zero. >How-To-Repeat: >Fix: Anything like this: --- lib/libc/stdio/tmpnam.3.orig Thu Jan 25 20:02:50 2007 +++ lib/libc/stdio/tmpnam.3 Thu Jan 25 20:19:59 2007 @@ -156,6 +156,16 @@ .Dv NULL pointer on error. +.Sh ENVIRONMENT +The +.Fn tmpfile +ignores the +.Ev TMPDIR +environment variable if process created as a result of an +.Xr execve 2 +system call which had either of the setuid or setgid bits set (and extra +privileges were given as a result) or if it has changed any of its real, +effective or saved user or group ID's since it began execution. .Sh COMPATIBILITY These interfaces are provided from System V and .Tn ANSI @@ -228,7 +238,8 @@ the FSA.) .Sh SEE ALSO .Xr mkstemp 3 , -.Xr mktemp 3 +.Xr mktemp 3 , +.Xr issetugid 2 .Rs .%T "The FreeBSD Security Architecture" .Re >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200701251726.l0PHQtMF032732>