[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Xen-devel] Instant Xen guest (guest-magic tool)
On Sat, Apr 14, 2007 at 09:51:42AM -0500, Gaurav Maheshbhai Patel wrote:
> The comment on /tmp/guestmagic was really good.
> I was wondering what if we use /tmp/$$
> > commands.getoutput('xm list > /tmp/$$')
> Is it create the same problem as /tmp/guestmagic?
Pretty much. Process IDs are still *predictable* since they
tend to be sequential under most systems.
Still this is better than a static name. You should really
use a pipe. If you can't then use a secure filename which
can't be guessed by a local user.
This is pretty off-topic for the xen list though, so I'll
just suggest you look at the Secure Programming Howto:
Specifically the section on temporary files being used in
Xen-devel mailing list