From: Kilgallen@SpamCop.net (Larry Kilgallen)
Subject: Re: ACT announces availability of GNAT 3.14p
Date: 11 Feb 2002 10:19:46 -0600
Date: 2002-02-11T10:19:46-06:00 [thread overview]
Message-ID: <XLQoaxSGta64@eisner.encompasserve.org> (raw)
In-Reply-To: 87k7tkkqbo.fsf@deneb.enyo.de
In article <87k7tkkqbo.fsf@deneb.enyo.de>, Florian Weimer <fw@deneb.enyo.de> writes:
> dewar@gnat.com (Robert Dewar) writes:
>
>> You misunderstand what I am saying. When the user asks for
>> a temporary file *explicitly* (nothing silent about that),
>> then the temporary file goes in TMP, which seems the right
>> semantics for a Unix environment to us. If you are concerned about the
>> security issue, e.g. if you are writing a setuid program in Ada, then
>> most certainly I would advise against explicit use of temporary files
>> in the Ada sense.
>
> You are mixing two things here. (Maybe I have been mixing these two
> things, too, but I don't think so!) The problem in GNAT 3.14p and
> earlier affects *all* programs running on a multi-user system which
> create temporary files. As a result, you cannot use the Ada temporary
> file facility at all, at least if you care about security.
I believe saying "*all* programs running on a multi-user system which
create temporary files" is overly broad. If GNAT is conforming to
operating system expectations as Robert Dewar said, then on VMS
it might use SYS$SCRATCH as the storage area, and by default that
is fully protected from other unprivileged users. If for some
reason you want to reduce the security on a VMS system, there are
steps you can take to make SYS$SCRATCH not be protected from other
unprivileged users. (Actually, VMS has a different mechanism that
GNAT might also use that puts the file into no directory.)
I would hope that on Unix there is some way to redefine /tmp so
as to provide more protection. But attempting to make the default
use of /tmp by an Ada program more secure than the default use of /tmp
by a shell script will be effective only if you also prevent use of
/tmp by shell scripts.
next prev parent reply other threads:[~2002-02-11 16:19 UTC|newest]
Thread overview: 51+ messages / expand[flat|nested] mbox.gz Atom feed top
2002-01-31 2:49 ACT announces availability of GNAT 3.14p Robert Dewar
2002-02-03 8:07 ` Leon Winslow
2002-02-03 10:56 ` Dmitry A. Kazakov
2002-02-03 14:18 ` Robert Dewar
2002-02-03 14:46 ` Samuel Tardieu
2002-02-03 19:53 ` Robert Dewar
2002-02-03 13:13 ` Larry Kilgallen
2002-02-03 13:47 ` Jeffrey Creem
2002-02-03 14:11 ` Robert Dewar
2002-02-03 16:50 ` Pascal Obry
2002-02-17 5:37 ` jim
2002-02-17 11:20 ` Pascal Obry
2002-02-04 14:13 ` Stephen Leake
2002-02-04 16:07 ` Stephen Leake
2002-02-04 17:18 ` Darren New
2002-02-04 18:36 ` Preben Randhol
2002-02-04 19:08 ` Pascal Obry
2002-02-06 21:36 ` Karl Ran
2002-02-07 8:15 ` Preben Randhol
2002-02-07 15:06 ` Stephen Leake
2002-02-08 1:09 ` Robert Dewar
2002-02-08 11:23 ` John English
2002-02-08 12:33 ` Georg Bauhaus
2002-02-10 18:22 ` Robert Dewar
2002-02-10 18:53 ` Matthew Woodcraft
2002-02-12 12:14 ` John English
2002-02-08 17:10 ` Stephen Leake
2002-02-10 9:26 ` Florian Weimer
2002-02-10 10:07 ` Florian Weimer
2002-02-10 9:26 ` Florian Weimer
2002-02-10 18:38 ` Robert Dewar
2002-02-10 19:23 ` Florian Weimer
2002-02-10 21:55 ` Robert Dewar
2002-02-10 22:05 ` Florian Weimer
2002-02-11 12:36 ` Robert Dewar
2002-02-11 15:09 ` Florian Weimer
2002-02-11 16:19 ` Larry Kilgallen [this message]
2002-02-11 16:49 ` Aidan Skinner
2002-02-11 19:16 ` Florian Weimer
2002-02-11 19:36 ` Larry Kilgallen
2002-02-12 2:18 ` Robert Dewar
2002-02-12 21:10 ` Florian Weimer
2002-02-12 21:59 ` Larry Kilgallen
2002-02-11 18:55 ` Samuel Tardieu
2002-02-12 14:47 ` Karl Ran
2002-02-12 15:28 ` Aidan Skinner
2002-02-12 15:51 ` David C. Hoos
2002-02-12 15:40 ` Florian Weimer
-- strict thread matches above, loose matches on Subject: below --
2002-01-31 8:22 Christoph Grein
2002-02-10 18:32 ` Robert Dewar
[not found] <0d3401c1b3dd$25df9ac0$453ab4d8@sy.com>
2002-02-12 15:47 ` Aidan Skinner
replies disabled
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox