From: Jeffrey Walton <noloader@gmail.com>
To: guile-devel@gnu.org
Subject: libguile-2.2.2 uses tmpnam
Date: Sat, 21 Oct 2017 05:05:35 -0400 [thread overview]
Message-ID: <CAH8yC8mfdxg5sq4Mcxauv=-MLR7L7fiPuTRLOLw83jvvLUjfRQ@mail.gmail.com> (raw)
My apologies for writing about this. I found one previous thread that
mentioned it, but it was working a clock_t problem. Cf.,
https://lists.gnu.org/archive/html/bug-guile/2011-05/msg00024.html
I'm seeing the following when compiling libguile-2.2.2 from sources.
The use of tmpnam caught my eye because I have not seen that warning
in years. I thought it went extinct in the early 2000's.
At this point it time its probably best to use an equivalent function
with better security properties. If an equivalent function with better
security properties is not feasible, then I would prefer to remove it
all together. Its 2017 and any program calling tmpnam is defective.
I'm happy to configure libguile to remove tmpnam and break other
libraries. I don't believe its a configuration option at the moment.
`./configure --help | egrep 'tmpnam|insecure'` returns 0 hits.
I regularly configured OpenSSL with no-ssl2 and no-ssl3 years before
OpenSSL made it a default. I was always able to manage without the
broken protocols. I promise most users will not miss it.
If interested, I'm building GnuTLS from sources, including its
dependencies. GnuTLS is high integrity software. Supply chain
management kind of dictates it should not be calling a module that
provides or uses tmpnam.
Jeff
**************************************************
$ make V=1
...
.libs/libguile_2.2_la-net_db.o .libs/libguile_2.2_la-socket.o
.libs/libguile_2.2_la-regex-posix.o -Wl,--whole-archive
../lib/.libs/libgnu.a -Wl,--no-whole-archive -Wl,-rpath
-Wl,/usr/local/lib -lgc -lffi -L/usr/local/lib
/usr/local/lib/libunistring.so /usr/local/lib/libiconv.so
/usr/local/lib/libgmp.so /usr/lib/x86_64-linux-gnu/libltdl.so -lcrypt
-ldl -lpthread -lm -m64 -march=native -Wl,-z -Wl,relro
-Wl,--version-script=./libguile.map -m64 -Wl,-rpath -Wl,/usr/local/lib
-Wl,-soname -Wl,libguile-2.2.so.1 -o .libs/libguile-2.2.so.1.2.0
.libs/libguile_2.2_la-posix.o: In function `scm_tmpnam':
posix.c:(.text+0x2003): warning: the use of `tmpnam' is dangerous,
better use `mkstemp'
libtool: link: (cd ".libs" && rm -f "libguile-2.2.so.1" && ln -s
"libguile-2.2.so.1.2.0" "libguile-2.2.so.1")
libtool: link: (cd ".libs" && rm -f "libguile-2.2.so" && ln -s
"libguile-2.2.so.1.2.0" "libguile-2.2.so")
next reply other threads:[~2017-10-21 9:05 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-10-21 9:05 Jeffrey Walton [this message]
2017-10-24 11:47 ` libguile-2.2.2 uses tmpnam Jeffrey Walton
2017-10-24 12:11 ` Roel Janssen
2017-10-24 23:24 ` Matt Wette
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://www.gnu.org/software/guile/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAH8yC8mfdxg5sq4Mcxauv=-MLR7L7fiPuTRLOLw83jvvLUjfRQ@mail.gmail.com' \
--to=noloader@gmail.com \
--cc=guile-devel@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).