ssh-keygen: error if file is directory
Jim Knoble
jmknoble at pobox.com
Fri Jan 10 07:02:29 AEDT 2025
> On Jan 9, 2025, at 10:31, Bob Proulx <bob at proulx.com> wrote:
>
> [...] In cases where
> something is checked and then later used there is a gap of time when
> the thing that was checked might be moved out of the way and replaced
> with a different thing before it is used. That's a classic race
> condition attack. [...]
Thanks for calling that out, Bob.
This class of defect is sometimes referred to as [TOCTOU][*]. (The "Preventing TOCTOU" section talks about why the OpenSSH code is structured as it is: "EAFP".)
[*]: https://en.m.wikipedia.org/wiki/Time-of-check_to_time-of-use
--
jim knoble
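
The check-then-use gap and the EAFP alternative discussed above, as an added example that is not part of the original message and is not OpenSSH code. The function names `open_check_first`, `open_eafp` and `eafp_accepts_regular_file`, and the scratch path under `/tmp`, are hypothetical and chosen for this illustration.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <sys/stat.h>
#include <unistd.h>

/* Check, then use: path can be swapped between stat() and open(). */
int open_check_first(const char *path)
{
    struct stat st;
    if (stat(path, &st) == 0 && S_ISDIR(st.st_mode)) {
        errno = EISDIR;
        return -1;
    }
    return open(path, O_WRONLY); /* race window is just before this call */
}

/* EAFP: attempt the open, then examine the descriptor actually obtained. */
int open_eafp(const char *path)
{
    struct stat st;
    int fd = open(path, O_WRONLY | O_NONBLOCK); /* EISDIR for a directory; no hang on a FIFO */
    /* fstat() reports on the opened object, whatever the name means now. */
    if (fd != -1 && (fstat(fd, &st) == -1 || !S_ISREG(st.st_mode))) {
        close(fd);
        errno = EINVAL;
        return -1;
    }
    return fd;
}

/* Constructed sample: make a scratch file, then open it with open_eafp(). */
int eafp_accepts_regular_file(void)
{
    char path[64];
    int fd;
    snprintf(path, sizeof path, "/tmp/eafp-demo-%ld", (long)getpid());
    if ((fd = open(path, O_WRONLY | O_CREAT | O_EXCL, 0600)) == -1)
        return 0;
    close(fd);
    fd = open_eafp(path);
    unlink(path);
    return fd != -1 && close(fd) == 0;
}

int main(void)
{
    printf("dir fd=%d, file ok=%d\n", open_eafp("."), eafp_accepts_regular_file());
    return 0;
}
```

Both functions reject a directory, but only `open_eafp` bases its decision on the object it actually opened, so nothing can be substituted between the check and the use.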