From owner-cvs-all  Tue Oct 20 14:34:21 1998
Return-Path: <owner-cvs-all@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id OAA06451
          for cvs-all-outgoing; Tue, 20 Oct 1998 14:34:21 -0700 (PDT)
          (envelope-from owner-cvs-all@FreeBSD.ORG)
Received: from rover.village.org (rover.village.org [204.144.255.49])
          by hub.freebsd.org (8.8.8/8.8.8) with SMTP id OAA06443;
          Tue, 20 Oct 1998 14:34:15 -0700 (PDT)
          (envelope-from imp@village.org)
Received: from harmony [10.0.0.6] 
	by rover.village.org with esmtp (Exim 1.71 #1)
	id 0zVjPT-0000gQ-00; Tue, 20 Oct 1998 15:33:43 -0600
Received: from harmony.village.org (localhost.village.org [127.0.0.1]) by harmony.village.org (8.9.1/8.8.3) with ESMTP id PAA28899; Tue, 20 Oct 1998 15:34:00 -0600 (MDT)
Message-Id: <199810202134.PAA28899@harmony.village.org>
To: Matthew Dillon <dillon@apollo.backplane.com>
Subject: Re: cvs commit: src/lib/libc/stdio mktemp.c 
Cc: Bruce Evans <bde@zeta.org.au>, peter@netplex.com.au, cvs-all@FreeBSD.ORG,
        cvs-committers@FreeBSD.ORG
In-reply-to: Your message of "Tue, 20 Oct 1998 12:12:06 PDT."
		<199810201912.MAA28626@apollo.backplane.com> 
References: <199810201912.MAA28626@apollo.backplane.com>  <199810201628.CAA15294@godzilla.zeta.org.au> 
Date: Tue, 20 Oct 1998 15:34:00 -0600
From: Warner Losh <imp@village.org>
Sender: owner-cvs-all@FreeBSD.ORG
Precedence: bulk

In message <199810201912.MAA28626@apollo.backplane.com> Matthew Dillon writes:
:     We have enough problems with security, we don't need to add mkstemp()
:     to the fray after the time had been spent to make it secure.  I don't
:     give a fart what the 'standards' say... creating files in /tmp is
:     already an extremely dangerous proposition.  Don't screw it up even more
:     by de-securing the function call!

Any commits tha mkstemp not create the file 600 will be backed out by
me with extreme prejustice.  Period.  I don't give two rats asses
about standards, tradition or anything else.  If an application wants
to share a /tmp file with someone else, fchmod(2) exists for those
people.

Sorry to be so harsh, but I agree 100% with Matt here.  We have enough
problems with people not using mkstemp in the tree now that I don't
want to *ANYTHING* to make mkstemp any less secure.  I'll have to take
a good hard look at Peter's commit to see what he's trying to fix.

Warner

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message