summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorguenther <>2025-08-04 04:59:31 +0000
committerguenther <>2025-08-04 04:59:31 +0000
commiteb862aea8decc2e0f026db58ba20b6f168806979 (patch)
treed24aa432577a78ea21d815494fb1cda00d6ef8bc /src
parent451323135e56bc52945da72e2bf9f6b0992e35b3 (diff)
downloadopenbsd-eb862aea8decc2e0f026db58ba20b6f168806979.tar.gz
openbsd-eb862aea8decc2e0f026db58ba20b6f168806979.tar.bz2
openbsd-eb862aea8decc2e0f026db58ba20b6f168806979.zip
Implement the POSIX-2024 close-on-fork flag, but modified to be
reset on exec as preserving it across exec is not necessary for its original purpose and has security and usability concerns. Many thanks to Ricardo Branco (rbranco (at) suse.de) who did an independent implementation, caught that /dev/fd/* needed to be handled, and provided a port of the illumos test suite. Thanks to tb@ for assistance with that. ok deraadt@
Diffstat (limited to 'src')
-rw-r--r--src/lib/libc/stdlib/mkstemp.c5
-rw-r--r--src/lib/libc/stdlib/mktemp.314
2 files changed, 10 insertions, 9 deletions
diff --git a/src/lib/libc/stdlib/mkstemp.c b/src/lib/libc/stdlib/mkstemp.c
index 75a9d27d1a..760575005f 100644
--- a/src/lib/libc/stdlib/mkstemp.c
+++ b/src/lib/libc/stdlib/mkstemp.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: mkstemp.c,v 1.1 2024/01/19 19:45:02 millert Exp $ */ 1/* $OpenBSD: mkstemp.c,v 1.2 2025/08/04 04:59:31 guenther Exp $ */
2/* 2/*
3 * Copyright (c) 2024 Todd C. Miller 3 * Copyright (c) 2024 Todd C. Miller
4 * 4 *
@@ -20,7 +20,8 @@
20#include <fcntl.h> 20#include <fcntl.h>
21#include <stdlib.h> 21#include <stdlib.h>
22 22
23#define MKOSTEMP_FLAGS (O_APPEND | O_CLOEXEC | O_DSYNC | O_RSYNC | O_SYNC) 23#define MKOSTEMP_FLAGS \
24 (O_APPEND | O_CLOEXEC | O_CLOFORK | O_DSYNC | O_RSYNC | O_SYNC)
24 25
25static int 26static int
26mkstemp_cb(const char *path, int flags) 27mkstemp_cb(const char *path, int flags)
diff --git a/src/lib/libc/stdlib/mktemp.3 b/src/lib/libc/stdlib/mktemp.3
index 83b7c9eb30..e57ac77717 100644
--- a/src/lib/libc/stdlib/mktemp.3
+++ b/src/lib/libc/stdlib/mktemp.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: mktemp.3,v 1.2 2024/03/01 21:30:40 millert Exp $ 1.\" $OpenBSD: mktemp.3,v 1.3 2025/08/04 04:59:31 guenther Exp $
2.\" 2.\"
3.\" Copyright (c) 1989, 1991, 1993 3.\" Copyright (c) 1989, 1991, 1993
4.\" The Regents of the University of California. All rights reserved. 4.\" The Regents of the University of California. All rights reserved.
@@ -27,7 +27,7 @@
27.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
28.\" SUCH DAMAGE. 28.\" SUCH DAMAGE.
29.\" 29.\"
30.Dd $Mdocdate: March 1 2024 $ 30.Dd $Mdocdate: August 4 2025 $
31.Dt MKTEMP 3 31.Dt MKTEMP 3
32.Os 32.Os
33.Sh NAME 33.Sh NAME
@@ -119,6 +119,8 @@ system call:
119Append on each write. 119Append on each write.
120.It Dv O_CLOEXEC 120.It Dv O_CLOEXEC
121Set the close-on-exec flag on the new file descriptor. 121Set the close-on-exec flag on the new file descriptor.
122.It Dv O_CLOFORK
123Set the close-on-fork flag on the new file descriptor.
122.It Dv O_SYNC 124.It Dv O_SYNC
123Perform synchronous I/O operations. 125Perform synchronous I/O operations.
124.El 126.El
@@ -345,18 +347,16 @@ function.
345.Xr tmpnam 3 347.Xr tmpnam 3
346.Sh STANDARDS 348.Sh STANDARDS
347The 349The
348.Fn mkdtemp 350.Fn mkdtemp ,
351.Fn mkostemp ,
349and 352and
350.Fn mkstemp 353.Fn mkstemp
351functions conform to the 354functions conform to the
352.St -p1003.1-2008 355.St -p1003.1-2024
353specification. 356specification.
354The ability to specify more than six 357The ability to specify more than six
355.Em X Ns s 358.Em X Ns s
356is an extension to that standard. 359is an extension to that standard.
357The
358.Fn mkostemp
359function is expected to conform to a future revision of that standard.
360.Pp 360.Pp
361The 361The
362.Fn mktemp 362.Fn mktemp
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-23 00:34:41 +0000