| From: | "Magnus Hagander" <mha(at)sollentuna(dot)net> |
|---|---|
| To: | "Peter Eisentraut" <peter_e(at)gmx(dot)net>, <pgsql-hackers(at)postgresql(dot)org> |
| Cc: | "Yoshiyuki Asaba" <y-asaba(at)sraoss(dot)co(dot)jp> |
| Subject: | Re: pg_dump -Ft failed on Windows XP |
| Date: | 2006-04-20 11:19:16 |
| Message-ID: | 6BCB9D8A16AC4241919521715F4D8BCEA352D1@algol.sollentuna.se |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
> > > Indeed, that's definitly a bug. Quick patch attached. It
> > does appear
> > > to work, but there may be a better way?
> >
> > This patch introduces a security hole because an attacker could
> > create, say, a suitable symlink between the time the name
> is generated
> > and the file is opened.
>
> Good point. I guess what I need to do is use open()
> specifying O_CREATE, and then fdopen() that file.
>
> Question: Is the use of O_TEMPORARY to open() portable? (my
> win32 docs say it will make the file automatically deleted
> when the last descriptor is closed, which I didn't know
> before. That would make the patch much simpler, but might
> require #ifdefs?)
Actually, since I'm running out the door, here is a new attempt that
changes behaviour only on win32. And that also appears to work, but may
be wrong ;-)
//Magnus
| Attachment | Content-Type | Size |
|---|---|---|
| pg_dump_tempfile.patch | application/octet-stream | 1.2 KB |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Peter Eisentraut | 2006-04-20 11:19:47 | Re: pg_dump -Ft failed on Windows XP |
| Previous Message | Martijn van Oosterhout | 2006-04-20 11:05:47 | Checking assumptions |