Re: [Fwd: Etch's and Lenny's mktemp seriously broken]

To: debian-user@lists.debian.org
Subject: Re: [Fwd: Etch's and Lenny's mktemp seriously broken]
From: Sven Joachim <svenjoac@gmx.de>
Date: Fri, 15 Aug 2008 12:13:59 +0200
Message-id: <[🔎] 87vdy2pouw.fsf@gmx.de>
Mail-followup-to: debian-user@lists.debian.org
In-reply-to: <[🔎] 48A5437C.7080908@drwetter.org> (Dirk Wetter's message of "Fri, 15 Aug 2008 10:51:08 +0200")
References: <[🔎] 48A5437C.7080908@drwetter.org>

Hi Dirk,

On 2008-08-15 10:51 +0200, Dirk Wetter wrote:

> just submitted this bug. Am I missing something and is
> this somehow "on purpose"?

Well, I don't think this is a serious problem, since mktemp will create
a different file if the one with the pid already exists.  The
predictability of the file name is not nice, but it is only a security
problem if you create the file in a world-writable directory that does
not have the sticky bit set.  And in such directories, you're subject to
all kinds of race conditions anyway.

Sven

Reply to:

Follow-Ups:
- Re: [Fwd: Etch's and Lenny's mktemp seriously broken]
  - From: Sven Joachim <svenjoac@gmx.de>

References:
- [Fwd: Etch's and Lenny's mktemp seriously broken]
  - From: Dirk Wetter <spam@drwetter.org>

Prev by Date: Re: Iceweasel upgrade and flash sound?
Next by Date: Re: Keyboard : setup AltGr+e to produce é
Previous by thread: [Fwd: Etch's and Lenny's mktemp seriously broken]
Next by thread: Re: [Fwd: Etch's and Lenny's mktemp seriously broken]
Index(es):
- Date
- Thread