From mboxrd@z Thu Jan  1 00:00:00 1970
Path: main.gmane.org!not-for-mail
From: David Kastrup <dak@gnu.org>
Newsgroups: gmane.emacs.devel
Subject: Re: backup method
Date: Thu, 03 Feb 2005 10:27:24 +0100
Message-ID: <x5acqmxabn.fsf@lola.goethe.zz>
References: <20050127000210.GA6167@boetes.org>
	<200501270045.j0R0jIq06197@raven.dms.auburn.edu>
	<fc339e4a05012617204f4c7180@mail.gmail.com>
	<20050127015432.GB6167@boetes.org>
	<E1CuHyb-0006AB-00@fencepost.gnu.org>
	<20050128035618.GI6167@boetes.org>
	<E1Cuk2E-0003UH-Vn@fencepost.gnu.org>
	<20050129060851.GQ6167@boetes.org>
	<200501291842.j0TIgVw09020@raven.dms.auburn.edu>
	<20050129225259.GT6167@boetes.org>
	<87r7k3zti5.fsf-monnier+emacs@gnu.org>
	<E1CvPIT-0007av-GN@fencepost.gnu.org>
	<874qgyxw24.fsf-monnier+emacs@gnu.org>
	<E1Cvy71-0005le-Nd@fencepost.gnu.org>
	<878y681iga.fsf-monnier+emacs@gnu.org>
	<E1Cwaf2-0007kg-49@fencepost.gnu.org>
NNTP-Posting-Host: main.gmane.org
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Trace: sea.gmane.org 1107424306 12457 80.91.229.2 (3 Feb 2005 09:51:46 GMT)
X-Complaints-To: usenet@sea.gmane.org
NNTP-Posting-Date: Thu, 3 Feb 2005 09:51:46 +0000 (UTC)
Cc: Stefan Monnier <monnier@iro.umontreal.ca>, emacs-devel@gnu.org
Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Thu Feb 03 10:51:46 2005
Original-Received: from lists.gnu.org ([199.232.76.165])
	by ciao.gmane.org with esmtp (Exim 4.43)
	id 1Cwdcn-0000Yo-D8
	for ged-emacs-devel@m.gmane.org; Thu, 03 Feb 2005 10:50:09 +0100
Original-Received: from localhost ([127.0.0.1] helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43)
	id 1Cwdq5-0002Hz-Q7
	for ged-emacs-devel@m.gmane.org; Thu, 03 Feb 2005 05:03:53 -0500
Original-Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1Cwdls-0001Ps-MN
	for emacs-devel@gnu.org; Thu, 03 Feb 2005 04:59:35 -0500
Original-Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43)
	id 1Cwdlh-0001Lj-F2
	for emacs-devel@gnu.org; Thu, 03 Feb 2005 04:59:27 -0500
Original-Received: from [199.232.76.173] (helo=monty-python.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1Cwdlf-0001Av-Tf
	for emacs-devel@gnu.org; Thu, 03 Feb 2005 04:59:20 -0500
Original-Received: from [199.232.76.164] (helo=fencepost.gnu.org)
	by monty-python.gnu.org with esmtp (Exim 4.34) id 1CwdGu-0006HR-9F
	for emacs-devel@gnu.org; Thu, 03 Feb 2005 04:27:32 -0500
Original-Received: from localhost ([127.0.0.1] helo=lola.goethe.zz)
	by fencepost.gnu.org with esmtp (Exim 4.34)
	id 1CwdDz-0005oh-Vo; Thu, 03 Feb 2005 04:24:32 -0500
Original-To: rms@gnu.org
In-Reply-To: <E1Cwaf2-0007kg-49@fencepost.gnu.org> (Richard Stallman's
	message of "Thu, 03 Feb 2005 01:40:16 -0500")
User-Agent: Gnus/5.11 (Gnus v5.11) Emacs/21.3.50 (gnu/linux)
X-BeenThere: emacs-devel@gnu.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Emacs development discussions." <emacs-devel.gnu.org>
List-Unsubscribe: <http://lists.gnu.org/mailman/listinfo/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/emacs-devel>
List-Post: <mailto:emacs-devel@gnu.org>
List-Help: <mailto:emacs-devel-request@gnu.org?subject=help>
List-Subscribe: <http://lists.gnu.org/mailman/listinfo/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=subscribe>
Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
X-MailScanner-To: ged-emacs-devel@m.gmane.org
Xref: main.gmane.org gmane.emacs.devel:32800
X-Report-Spam: http://spam.gmane.org/gmane.emacs.devel:32800

Richard Stallman <rms@gnu.org> writes:

>     Any reason why you didn't use make-temp-file?
>
> make-temp-file creates the file empty.  Between that and writing the
> data into it, someone else could delete the file and put in a symlink.

The permissions in world-writable temp directories are almost always
1777 which means that nobody but the owner can delete such a file.
Symlink attacks are only possible when the file name can be guessed by
an outside attacker _before_ the file is created.

It is probably just prehistoric and/or misconfigured systems (and
Windows?) where anybody can delete a file from somebody else in
temporary directories.

-- 
David Kastrup, Kriemhildstr. 15, 44793 Bochum