Anyone has time for a unittesting issue?

Andrei Alexandrescu via Digitalmars-d digitalmars-d at puremagic.com
Sat Oct 1 14:25:56 PDT 2016


On 10/01/2016 05:00 PM, Guillaume Boucher wrote:
> On Saturday, 1 October 2016 at 19:51:05 UTC, Dicebot wrote:
>> I think that is OK but only if actual file inside the dir is created
>> with `mktemp --tmpdir=/tmp/.dmd-test-run/` (or using a similar
>> technique).
>
> This is not sufficient.  Any user can create a symlink from
> /tmp/.dmd-test-run/ to e.g. /very/private/root/directory/ (that user
> can't access it, but symlinks don't check the permission of the
> target).  Executed as root user, mktemp then creates a unique file in
> /very/private/root/directory/.  Which can be used for example to litter
> a filesystem, which hurts performance or fills disks.
>
> That's why I was saying /tmp/.dmd-test-run/ should have permissions
> 0700.  I think a better naming scheme would be
> /tmp/dmd-testrun-username/, or if that already exists with wrong
> permissions /tmp/dmd-testrun-username-RANDOMCHARS/.  The files inside
> that directory don't need to have random names (afaik).

Interesting, thanks. Seems like the most robust thing to do is to not 
use /tmp/ after all. In fact, I've encountered errors because (if I 
remember correctly) we list the content of the /tmp/ directory in 
unittests and we get exceptions because some dirs are not accessible.

A PR reviewing all uses of /tmp/ would be awesome.


Andrei




More information about the Digitalmars-d mailing list