https://bugzilla.redhat.com/show_bug.cgi?id=974852 --- Comment #15 from Andy Lutomirski <luto@xxxxxxx> --- The usual mktemp(3) pattern is: mktemp(name); open(name, O_RDWR); this is broken -- name could be replaced by a symlink between the two calls. fish is doing: mktemp(name); open(name, O_RDWR | O_CREAT | O_EXCL | O_TRUNC | O_CLOEXEC); I don't know what O_TRUNC is for there, but it should have no effect. Critically, though, the O_EXCL flag will cause open to fail if name has been replaced by a symlink. If that happens, fish will try again. It isn't using mkstemp because mkstemp doesn't pass O_CLOEXEC. mkostemp would work, but it's not portable. So, unless fish were willing to have a separate code path for Linux, I'm not sure how it can do better, and I think that the current code is secure. -- You are receiving this mail because: You are on the CC list for the bug. You are always notified about changes to this product and component _______________________________________________ package-review mailing list package-review@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/package-review