From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([208.118.235.92]:52037)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <pbonzini@redhat.com>) id 1Tjnp5-0006Ku-Du
	for qemu-devel@nongnu.org; Sat, 15 Dec 2012 04:14:20 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <pbonzini@redhat.com>) id 1Tjnp2-0002Sg-Nu
	for qemu-devel@nongnu.org; Sat, 15 Dec 2012 04:14:19 -0500
Received: from mx4-phx2.redhat.com ([209.132.183.25]:51509)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <pbonzini@redhat.com>) id 1Tjnp2-0002ST-Fv
	for qemu-devel@nongnu.org; Sat, 15 Dec 2012 04:14:16 -0500
Date: Sat, 15 Dec 2012 04:14:14 -0500 (EST)
From: Paolo Bonzini <pbonzini@redhat.com>
Message-ID: <945049786.24997408.1355562854731.JavaMail.root@redhat.com>
In-Reply-To: <CAAu8pHuweRYQq=DdE+ZLODCdD1S-qS-jx_FyRZQYmDJqzeKBXg@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Subject: Re: [Qemu-devel] [PATCH 1/3] qtest: Enable creation of multiple
 qemu instances
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Blue Swirl <blauwirbel@gmail.com>
Cc: kwolf@redhat.com, Jason Baron <jbaron@redhat.com>, aliguori@us.ibm.com, qemu-devel@nongnu.org, quintela@redhat.com

> > +#define QTEST_FILE_TEMP "/tmp/qtest-%d.sock"
> > +#define QTEST_QMP_FILE_TEMP "/tmp/qtest-%d.qmp"
> > +#define QTEST_PID_FILE_TEMP "/tmp/qtest-%d.pid"
> 
> These filenames are too predictable from security point of view,

This need not be secure as long as the file is created with 0600
permissions.  In fact, inspecting the pid file from the shell can
be useful.

However, using mkstemp() on a prefix that includes the parent pid
can indeed be the best of both worlds.

Paolo