This document discusses temporary files and randomness. It outlines issues with creating temporary files in insecure directories like /tmp, including name collisions and race conditions. It recommends using OS functions like mktemp, mkstemp, and mkdtemp to generate unique, unpredictable temporary file names. It also discusses the need for cryptographically secure random numbers and recommends using OS devices like /dev/urandom as sources of randomness.

1. Course 2: Programming Issues,
Section 6
Pascal Meunier, Ph.D., M.Sc., CISSP
May 2004; updated September 28, 2004
Developed thanks to the support of Symantec Corporation,
NSF SFS Capacity Building Program (Award Number 0113725) and
the Purdue e-Enterprise Center
Copyright (2004) Purdue Research Foundation. All rights reserved.

2. About These Slides
Developed thanks to Symantec’s support
Reviewed by Symantec engineers
– Special thanks to:
Jared Robinson
Alan Krassowski
Craig Ozancin
Free to use
– Notes, comments, suggestions, or modified slides are
appreciated (pmeunier@purdue.edu)
If you modify them, please keep this slide and add
a note stating that you modified them

3. Course 2 Learning Plan
Buffer Overflows
Format String Vulnerabilities
Code Injection and Input Validation
Cross-site Scripting Vulnerabilities
Links and Race Conditions
Temporary Files and Randomness
Canonicalization and Directory Traversal

4. Learning objectives
Understand why creating files in insecure
directories like /tmp is difficult but useful
Learn why OS-provided function calls help
tremendously
Understand the need for good randomness
Learn which OS-provided function calls help
provide good random numbers
Learn how to create random file names

5. Temporary Files and Randomness: Outline
Temporary Files
– Problem Statement
– Survey of functions
UNIX
Windows
Randomness
– Need
– Types of random numbers
– Devices
– Windows API

6. Temporary Files
Space for temporary files is found in directories
such as /tmp, /var/tmp or C:TEMP, where
everyone can write
Space may be purged regularly (e.g., "every night,
files older than 5 days are deleted") and during
reboot
Space used by many UNIX or Windows utilities,
installers and programs
UNIX systems are often configured so that this
space is not counted as part of user quota
– Allow large, temporary jobs

7. Temporary Files Issues
Need an unpredictable name to avoid a collision
between links and your files or directories
There's a race condition between testing if a file
exists and creating it
Need correct permissions
There's a race condition between creating and
setting permissions
Need OS support!

8. Name Collisions Attacks
What if the name of your temporary file (lock file or
other) in /tmp is constant or predictable?
– Your program using a lock file may never run or do what
it's supposed to!
Run the lock.c example from part A, but this time, create a
lock file beforehand... Your program will never get past the
lock file test (obviously)
Lock files need to be put where other users can't create files
– It's easy to make a symlink pointing to a sensitive file
Symlink attacks are easier if the name of the
temporary file is predictable

9. How Not to Choose a Random Name
Use the process ID
Use the user ID
Use the time of day
Use a counter
Use a bad random number generator
etc...

10. OS Support for Temporary Files
The following take a filename “template” as input
– mktemp - generate temporary file name (unique)
– mkstemp - also create the file
– mkstemps - generate temporary file name with suffix
– mkdtemp - create a directory
Overwrite part of a template to create a unique
name
Some of these functions used to create names
using parts of the date or process ID, etc... and
were insecure

11. mktemp (1) (3)
Section (1): command line (shell scripts)
– BSD/MacOS X:
– creates file with mode 0600
unique name
Section (3): C programs
– Race condition between getting the name and creating
the file!
– The program must use "open" with the O_CREAT |
O_EXCL flags, and loop until the file is successfully
created, or use a different function

12. Command Line Example
% mktemp "testXXXX"
testpnbE
% ls -al
-rw------- pascal staff testpnbE

13. mkstemp
Creates name
Creates file open for reading and writing with mode
0600
Returns a file descriptor
No race condition!
Recommended function
Usage for extremely paranoid people:
“Unlink” the hard link pointing to the descriptor
immediately afterwards (this is a race condition)
The file still exists but nobody else (except with
difficulty, the superuser) can access it

14. Mini Lab
Take the previous lock.c example
Modify it to use mkstemp to generate a temporary
file with a unique name
Of course, the temporary file created that way is
not a lock file anymore, and would be used to store
temporary data instead

15. Windows
No equivalent to mkstemp()
GetTempFileName
– Creates names by incrementing a counter!
– Predictable file name
Race condition between getting the name and
creating the file
– Attacker could create the file to prevent you from using it
– If you use the CREATE_ALWAYS flag, see next slide
Under Windows, you have no choice but to write
your own function
Still a race condition, limitation due to lack of OS
support

16. Windows CreateFile Problems
Recommended use with the "CREATE_ALWAYS"
flag is dangerous
– "CREATE_ALWAYS" flag recommended by MSDN,
Howard and Leblanc 2003
Overwrites the file
Does not set the security descriptor specified by the
SECURITY_ATTRIBUTES structure
– Do the SECURITY_ATTRIBUTES matter to your application?
Perfect opportunity to trick you into overwriting a
sensitive file
– e.g., with a hard link
– Can't use the flag to not follow reparse points

17. Windows CreateFile
TRUNCATE_EXISTING will follow a hard link and
could truncate something else than intended
Use "CREATE_NEW"
– "The function fails if the specified file already exists. "
(MSDN)
– You need to check for errors and loop until the file is
successfully created

18. GetTempPath
MSDN recommends that software use the
GetTempPath function to get the location of the
temp dir, but this is dangerous
Checks for the existence of environment variables
in the following order and uses the first path found:
1. The path specified by the TMP environment variable.
2. The path specified by the TEMP environment variable.
3. The path specified by the USERPROFILE environment
variable.
4. The Windows directory."
Are the environment variables safe to use?
– Probably not unless you set them yourself

19. Exercise (Windows): Creating Temporary Files
Go to
http://msdn.microsoft.com/library/default.asp?url=/li
brary/en-
us/fileio/base/creating_and_using_a_temporary_file
.asp
Discuss things that you would do differently,
compared to the example, when creating a
temporary file in Windows
– Find the race condition (hint: MoveFileEx)

20. Exercise Answers
Possible answers:
– They used the CREATE_ALWAYS flag instead of
CREATE_NEW
Add a loop until success
– Use randomly generated file names
How to do that on Windows? (see next slides)

21. The Need for Random Numbers
Unique file or directory names
Session IDs that carry proof of authentication
(nonces), passwords
Games (data, behavior, opponent generation,
character generation)
Encryption
Cryptographic protocols

22. How Random Numbers Are Generated
Linear Congruential Generators
– Simple way to generate pseudo-random numbers
– Easily cracked
– Produce finite sequences of numbers
– Each number is tied to the others
– Some sequences of numbers will not ever be generated
Cryptographic random number generators
Entropy sensors (i.e., extracted randomness)

23. Seeded Random Number Generators
Pseudo-random generators depend solely on a
seed, which determines the entire sequence of
numbers returned
How random is the seed?
– Process ID, UserID: Bad Idea
– Current time: if you’re running NTP (Network Time
Protocol) all systems are synchronized up to some
precision. If you use the time, maybe I can guess which
seed you used (microsecond part might be difficult to
guess, but is limited)

24. How to Cheat At Random Number Generation
Find a seed that will produce the numbers you want
Seed the generator with it
Convince someone: "it's random, see?"
– RPG Character generation, etc...

25. Roll Your Own Generator?
What matters is not only the average and the
variance of the numbers generated
All sequences of numbers must be possible
LCGs travel definite, limited “paths” through the
universe of possible sequences
Need to incorporate entropy as it becomes
available
Need to avoid betraying the internal state of the
generator...
It's difficult to do correctly

26. Which Generator to use?
Read description, avoid Linear Congruential
Generators such as these:
– “C” rand(3)
– rand (Windows)
– Perl rand
– C# Random
– PHP rand

27. Good Generators
Hardware-based
– Noise
Cryptographical quality software, entropy-seeded
– Fast, secure
Pure Entropy
– Random timing of events
Packets
Mouse movement, clicks
Keyboard
– Slow

28. Linux/UNIX Devices
/dev/random:
– MacOS X: same as urandom
– Linux: this is a blocking call that returns only when
sufficient entropy has been captured
– Good for seeding pseudo-random number generators
/dev/urandom:
– Implements a fairly complex algorithm that varies
between “random” and a well-seeded LCG depending on
the availability of entropy
– Non-blocking call
– Try "cat /dev/urandom"

29. Portability
FreeBSD, OpenBSD, NetBSD compatible
Several projects ported the functionality to Solaris,
HP-UX, AIX, IRIX
MacOS X implements Yarrow for both random and
urandom (so the behavior of “random” is
unexpected).

30. Windows
Windows developers must use the function
CryptGenRandom(), which uses the same idea as
/dev/urandom
There is no directly accessible entropy collector
provided by the OS
– Reference: "Secure Programming Cookbook", section
11.4 (Viega et al.)

31. Mini-lab
Take the previous mini-lab (lock.c)
Modify it to use random numbers from
/dev/urandom instead of mkstemp, to generate a
temporary file with a unique name
– To obtain random bytes, open the device and read from it

32. Questions or Comments?
§

33. About These Slides
You are free to copy, distribute, display, and perform the work; and
to make derivative works, under the following conditions.
– You must give the original author and other contributors credit
– The work will be used for personal or non-commercial educational uses
only, and not for commercial activities and purposes
– For any reuse or distribution, you must make clear to others the terms of
use for this work
– Derivative works must retain and be subject to the same conditions, and
contain a note identifying the new contributor(s) and date of modification
– For other uses please contact the Purdue Office of Technology
Commercialization.
Developed thanks to the support of Symantec
Corporation

34. Pascal Meunier
pmeunier@purdue.edu
Contributors:
Jared Robinson, Alan Krassowski, Craig Ozancin, Tim
Brown, Wes Higaki, Melissa Dark, Chris Clifton, Gustavo
Rodriguez-Rivera