Date: Tue, 12 Dec 2000 18:08:05 -0800 From: Kris Kennaway <kris@FreeBSD.ORG> To: Warner Losh <imp@village.org> Cc: Will Andrews <will@physics.purdue.edu>, Chris Faulhaber <jedgar@fxp.org>, freebsd-audit@FreeBSD.ORG Subject: Re: mktemp(1) usage Message-ID: <20001212180805.B10901@citusc.usc.edu> In-Reply-To: <200012100529.WAA26442@harmony.village.org>; from imp@village.org on Sat, Dec 09, 2000 at 10:29:50PM -0700 References: <20001209171334.J671@puck.firepipe.net> <20001209150853.A57045@peitho.fxp.org> <20001209171334.J671@puck.firepipe.net> <200012100529.WAA26442@harmony.village.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--k1lZvvs/B4yU6o8G Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sat, Dec 09, 2000 at 10:29:50PM -0700, Warner Losh wrote: > In message <20001209171334.J671@puck.firepipe.net> Will Andrews writes: > : On Sat, Dec 09, 2000 at 03:08:54PM -0500, Chris Faulhaber wrote: > : > Would it be more appropriate for scripts such as periodic(8) to > : > call mktemp(1) using the -t flag. In addition to using TMPDIR, > : > this allows the use of the system's _PATH_TMP instead of > : > hardcoding /tmp. > :=20 > : Maybe that method doesn't use a random enough number to avoid file > : races? >=20 > If it doesn't, then maybe it should, don't you think. But I think it > does. We're looking at 8 X's. It would also be a good place to bump > it to 10 if we needed to, say. No need - with the old method of mktemp() encoding you needed more than 6 X's to be secure, but with the new dense encoding even 6 is fine. Moreover, mktemp(1) is actually mkstemp(1), so there was never any problem with it unless you use -u. Kris --k1lZvvs/B4yU6o8G Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6NtoFWry0BWjoQKURAuEqAKDrLKeDObu85IrOabkRumKaNwQ3/wCg4QY6 1pBI6GbbtK5hGZeEb1f89pk= =MYnl -----END PGP SIGNATURE----- --k1lZvvs/B4yU6o8G-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20001212180805.B10901>