alpine 3.7
tmpfile weakness #5


Weakness Breakdown


A temporary file weakness occurs when a temporary file that is created and used by a high-privilege process is accidentally shared with a low-privilege process, because the file is temporary and is generated after all security controls have been applied. This allows the low-privilege process to read data from the high-privilege process (information leakage) or, worse, to influence the high-privilege process by modifying the shared temporary file.

Warning code(s):

Temporary file race condition.

File Name:



The highlighted line of code below is the trigger point of this particular Alpine 3.7 tmpfile weakness.

		return -1;
/* copy all data from one file descriptor to another */
void copy_fd(int fd_in, int fd_out)
{
	char buf[10240];
	int n;

	while ((n = read(fd_in, buf, sizeof(buf))) > 0) {
		if (write(fd_out, buf, n) != n) {
			fatal("Failed to copy fd");
		}
	}
}

/* cheap and nasty mkstemp replacement */
int mkstemp(char *template)
{
	return open(template, O_RDWR | O_CREAT | O_EXCL | O_BINARY, 0600);
}

/* move a file using rename */
int move_file(const char *src, const char *dest) {
	return safe_rename(src, dest);
}

/* copy a file - used when hard links don't work
   the copy is done via a temporary file and atomic rename
*/
static int copy_file(const char *src, const char *dest)
{
	int fd1, fd2;
	char buf[10240];
	int n;
	char *tmp_name;
	mode_t mask;

	x_asprintf(&tmp_name, "%s.XXXXXX", dest);

	fd1 = open(src, O_RDONLY|O_BINARY);
	if (fd1 == -1) {
