Date: Tue, 20 Oct 1998 15:34:00 -0600 From: Warner Losh <imp@village.org> To: Matthew Dillon <dillon@apollo.backplane.com> Cc: Bruce Evans <bde@zeta.org.au>, peter@netplex.com.au, cvs-all@FreeBSD.ORG, cvs-committers@FreeBSD.ORG Subject: Re: cvs commit: src/lib/libc/stdio mktemp.c Message-ID: <199810202134.PAA28899@harmony.village.org> In-Reply-To: Your message of "Tue, 20 Oct 1998 12:12:06 PDT." <199810201912.MAA28626@apollo.backplane.com> References: <199810201912.MAA28626@apollo.backplane.com> <199810201628.CAA15294@godzilla.zeta.org.au>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <199810201912.MAA28626@apollo.backplane.com> Matthew Dillon writes: : We have enough problems with security, we don't need to add mkstemp() : to the fray after the time had been spent to make it secure. I don't : give a fart what the 'standards' say... creating files in /tmp is : already an extremely dangerous proposition. Don't screw it up even more : by de-securing the function call! Any commits tha mkstemp not create the file 600 will be backed out by me with extreme prejustice. Period. I don't give two rats asses about standards, tradition or anything else. If an application wants to share a /tmp file with someone else, fchmod(2) exists for those people. Sorry to be so harsh, but I agree 100% with Matt here. We have enough problems with people not using mkstemp in the tree now that I don't want to *ANYTHING* to make mkstemp any less secure. I'll have to take a good hard look at Peter's commit to see what he's trying to fix. Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199810202134.PAA28899>