From 0415740bb569bad53b18f4483837e7e037f88544 Mon Sep 17 00:00:00 2001 From: Ben Kaduk Date: Tue, 3 Jul 2012 10:27:20 -0400 Subject: Remove last uses of "possibly-insecure" mktemp(3) Many libc implementations include notations to the linker to generate warnings upon references to mktemp(3), due to its potential for insecure operation. This has been the case for quite some time, as was noted in RT #6199. Our usage of the function has decreased with time, but has not yet disappeared entirely. This commit removes the last few instances from our tree. kprop's credentials never need to hit the disk, so a MEMORY ccache is sufficient (and does not need randomization). store_master_key_list is explicitly putting keys on disk so as to do an atomic rename of the stash file, but since the stash file should be in a root-only directory, we can just use a fixed name for the temporary file. When using this fixed name, we must detect (and error out) if the temporary file already exists; add a test to confirm that we do so. ticket: 1794 --- src/tests/t_mkey.py | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'src/tests') diff --git a/src/tests/t_mkey.py b/src/tests/t_mkey.py index 35d14f7..3cecabf 100644 --- a/src/tests/t_mkey.py +++ b/src/tests/t_mkey.py @@ -155,6 +155,15 @@ check_master_dbent(1, (1, defetype)) check_stash((1, defetype)) check_mkvno(realm.user_princ, 1) +# Check that stash will fail if a temp stash file is already present. +collisionfile = os.path.join(realm.testdir, 'stash_tmp') +f = open(collisionfile, 'w') +f.close() +output = realm.run([kdb5_util, 'stash'], expected_code=1) +if 'Temporary stash file already exists' not in output: + fail('Did not detect temp stash file collision') +os.unlink(collisionfile) + # Add a new master key with no options. Verify that: # 1. The new key appears in list_mkeys but has no activation time and # is not active. -- cgit v1.1