[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[security question] creating tempfiles

Akim, the a2ps author (whom I've added as a CC here) suggested using 

	# Create the temporary directory with strict rights
	(umask 077 && mkdir $tmpdir) || exit 1

in /usr/bin/texi2dvi4a2ps. This should be portable, and not require
tempfile(1) which he can't assume to be present on all systems. [ We
discussed including it with a2ps, but this solution seemed easier.]

Could someone kindly try to poke a hole into this?  As the temp. directory is
created with a strict mask in an atomic operation, we should be fine.  Yes?
No? I'd be thankful for all comments.

Please CC me when replying, I am currently not on this list due to the large
traffic volume.

Cheers, Dirk

If the current stylistic distinctions between  open-source and commercial
software persist,  an open-software  revolution could lead to yet another
divide between haves and have-nots: those with the skills and connections 
to make  use of free  software,  and those  who must pay high  prices for
increasingly dated commercial offerings.           -- Scientific American

Reply to: