Fri Jul 3 19:26:00 GMT 2009
On Fri, Jul 03, 2009 at 01:19:10PM -0600, Eric Blake wrote:
>According to Christopher Faylor on 7/3/2009 9:17 AM:
>> Is there some reason why we're not just using the newlib version of all
>> of these functions? I have stared at the code in mktemp.cc and the only
>> thing I see that seems to be Cygwin specific is the arc4random function.
>> Is the security that this provides the only reason not to use newlib?
>> That is probably a good enough reason right there but I was just
>Well, before today, Cygwin had mkdtemp but newlib didn't. But you are
>correct that after today, the only substantial difference is getpid() vs.
>arc4random(). For mkstemp, this is not an issue. But guess which one is
>more predictable, and thus makes for a less secure mktemp (even though we
>already have a compiler warning that mktemp is insecure)?
>Maybe it would be worth pushing the arc4random approach to newlib?
I'm not sure exactly how you'd do that. Obviously you can use
/dev/random on Linux. For Windows, you'd have to port Windows-specific
functions to newlib. I don't think there is any precedent for that.
Sounds like more work than it's worth.
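
The mkstemp versus mktemp distinction discussed in this thread, as an added example that is not part of the original messages and is not Cygwin's or newlib's code: with a name derived only from the PID, a file can already exist at that name, and only the exclusive create that mkstemp performs notices it. `fill_from_pid`, `open_exclusive`, `open_reuse` and `demo_existing_file` are hypothetical names, and the PID-to-name scheme is a simplified model.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Simplified model of a PID-seeded mktemp (constructed for illustration, not
 * newlib's or Cygwin's code): trailing X's are overwritten right to left with
 * the decimal digits of pid. Anyone who knows the PID computes the same name. */
int fill_from_pid(char *tmpl, unsigned long pid)
{
    size_t len = strlen(tmpl), i = len;
    while (i > 0 && tmpl[i - 1] == 'X') {
        tmpl[--i] = (char)('0' + pid % 10);
        pid /= 10;
    }
    return i == len ? -1 : 0;   /* -1: template has no trailing X's */
}

/* What mkstemp does for each candidate name: create only if absent. */
int open_exclusive(const char *p) { return open(p, O_RDWR | O_CREAT | O_EXCL, 0600); }

/* What a mktemp caller often does with the returned name: create or reuse. */
int open_reuse(const char *p) { return open(p, O_RDWR | O_CREAT, 0600); }

/* Returns 1 when a file already present at the predicted name is rejected by
 * the exclusive open (EEXIST) but accepted by the non-exclusive one. */
int demo_existing_file(const char *dir, unsigned long pid)
{
    char name[256], predicted[256];
    snprintf(name, sizeof name, "%s/demo.XXXXXX", dir);
    snprintf(predicted, sizeof predicted, "%s/demo.XXXXXX", dir);
    fill_from_pid(name, pid);        /* name the program will pick */
    fill_from_pid(predicted, pid);   /* same name, derived from the PID alone */
    unlink(name);                    /* start from a clean state */
    int first = open_exclusive(predicted);  /* file exists before the program opens it */
    int excl = open_exclusive(name);
    int excl_errno = errno;
    int reuse = open_reuse(name);
    int ok = first >= 0 && excl == -1 && excl_errno == EEXIST && reuse >= 0;
    if (first >= 0) close(first);
    if (excl >= 0) close(excl);
    if (reuse >= 0) close(reuse);
    unlink(name);
    return ok && strcmp(name, predicted) == 0;
}

int main(void) { return demo_existing_file("/tmp", (unsigned long)getpid()) ? 0 : 1; }
```

The exclusive open is why name predictability is "not an issue" for mkstemp: a collision is reported and the caller moves on to another name, whereas a mktemp caller that opens without `O_EXCL` ends up using whatever file was already there.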