
LibTiff Mailing List

TIFF and LibTiff Mailing List Archive
January 2011

This list is run by Frank Warmerdam
Archive maintained by AWare Systems






Thread

2011.01.10 16:18 "Missing mkstemp() on Visual Studio 2008", by Jeff Mckenna
2011.01.10 16:59 "Re: Missing mkstemp() on Visual Studio 2008", by Edward Lam
2011.01.10 18:59 "Re: Missing mkstemp() on Visual Studio 2008", by Jeff Mckenna
2011.01.10 20:35 "Re: Missing mkstemp() on Visual Studio 2008", by Edward Lam
2011.01.10 20:37 "Re: Missing mkstemp() on Visual Studio 2008", by Edward Lam
2011.01.10 20:54 "Re: Missing mkstemp() on Visual Studio 2008", by Bob Friesenhahn
2011.01.10 21:30 "Re: Missing mkstemp() on Visual Studio 2008", by Edward Lam
2011.01.11 00:01 "Re: Missing mkstemp() on Visual Studio 2008", by Igor Skochinsky
2011.01.11 15:41 "Re: Missing mkstemp() on Visual Studio 2008", by Edward Lam
2011.01.11 16:18 "Re: Missing mkstemp() on Visual Studio 2008", by Olivier Paquet
2011.01.11 16:38 "Re: Missing mkstemp() on Visual Studio 2008", by Igor Skochinsky

2011.01.11 15:41 "Re: Missing mkstemp() on Visual Studio 2008", by Edward Lam

On 1/10/2011 7:01 PM, Igor Skochinsky wrote:
> EL>  On Windows, one can use tmpfile_s().
>
> Do NOT use tmpfile() ('secure' or not). Due to the DOS legacy, it
> tries to create the file in the root directory of the current drive, which
> fails for C:\ under non-admin user on Vista and later.
> Use instead tmpnam() followed by fopen() with mode "w+bTD" (write, binary,
> temporary, delete on close).

Good point. However, doesn't using tmpnam() re-introduce the
possibility of a TOCTOU attack? It took me a while to find the current 
CERT recommendation on this [1]. The sad state of affairs as I read it 
seems that there is no 100% secure way to create temporary files on 
Windows!?

-Edward

1. https://www.securecoding.cert.org/confluence/display/seccode/FIO43-C.+Do+not+create+temporary+files+in+shared+directories
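
The race raised in this message, as an added example that is not part of the original thread: the name-then-fopen() pattern next to an exclusive create (O_CREAT|O_EXCL on POSIX, _O_EXCL through _sopen_s() on MSVC). The function names, the tif%08x.tmp name pattern and the use of rand() are assumptions made for illustration.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#ifdef _WIN32
#include <io.h>
#include <share.h>
#else
#include <unistd.h>
#endif

/* Racy pattern: the name was picked earlier (e.g. by tmpnam()); "w+" opens and
   truncates whatever is at that path by then. MSVC-only "T"/"D" flags omitted. */
FILE *open_naive(const char *path) { return fopen(path, "w+b"); }

/* Atomic check-and-create: fails with EEXIST if the path already exists. */
int create_exclusive(const char *path)
{
#ifdef _WIN32
    int fd = -1; /* _O_TEMPORARY deletes the file when the last handle closes */
    errno_t e = _sopen_s(&fd, path, _O_CREAT | _O_EXCL | _O_RDWR | _O_BINARY |
                         _O_TEMPORARY, _SH_DENYRW, _S_IREAD | _S_IWRITE);
    if (e != 0) { errno = e; return -1; }
    return fd;
#else
    return open(path, O_CREAT | O_EXCL | O_RDWR, 0600);
#endif
}

/* Hypothetical helper: retries fresh names; rand() stands in for a CSPRNG. */
int open_temp(const char *dir, char *path, size_t n)
{
    for (int attempt = 0; attempt < 100; attempt++) {
        snprintf(path, n, "%s/tif%08x.tmp", dir, (unsigned)rand());
        int fd = create_exclusive(path);
        if (fd >= 0 || errno != EEXIST) return fd; /* success or real error */
    }
    return -1;
}

int main(void)
{
    char path[260];
    int fd = open_temp(".", path, sizeof path);
    if (fd < 0) { perror("open_temp"); return 1; }
    printf("created %s exclusively\n", path);
    close(fd); remove(path); /* POSIX cleanup; Windows already deleted it */
    return 0;
}
```

With the exclusive flag, a file that appears at the chosen name before the open causes a retry under a new name instead of being opened.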