
Re: [Fwd: Etch's and Lenny's mktemp seriously broken]



On Fri,15.Aug.08, 16:05:13, Sven Joachim wrote:
> On 2008-08-15 12:13 +0200, Sven Joachim wrote:
> 
> > Well, I don't think this is a serious problem, since mktemp will create
> > a different file if the one with the pid already exists.  The
> > predictability of the file name is not nice, but it is only a security
> > problem if you create the file in a world-writable directory that does
> > not have the sticky bit set.  And in such directories, you're subject to
> > all kinds of race conditions anyway.
> 
> However, Nico Golde informed me that mktemp has a `-u' switch which will
> unlink the file before mktemp exits.  If you use that, the easy-to-guess
> filename becomes a severe problem.
 
I must be dense, could you please elaborate on how this can be a 
problem?

Regards,
Andrei
-- 
If you can't explain it simply, you don't understand it well enough.
(Albert Einstein)
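
The distinction discussed in the quoted text, as an added shell example that is not part of the original thread: a name that is only generated (as with `mktemp -u`) versus a file that is created exclusively. The function names, the sandbox directory and the `tmp.12345` name are assumptions constructed for illustration.

```sh
#!/bin/sh
# Added example, not code from the thread. All names here are hypothetical.

# Pattern at risk with `mktemp -u`: the name is only a string, so a plain
# redirect opens whatever exists at that path by the time it is used.
reuse_name() {  # usage: reuse_name PATH DATA
    printf '%s\n' "$2" > "$1"
}

# Defensive open: with noclobber (set -C) the shell refuses to write to an
# existing regular file and creates new files exclusively (O_EXCL).
claim_name() {  # usage: claim_name PATH DATA; returns 0 only if we created PATH
    ( set -C; printf '%s\n' "$2" > "$1" ) 2>/dev/null
}

# Runs both patterns in a private sandbox against a name that something
# else created first (simulated), then the form without -u.
demo() {
    sandbox=$(mktemp -d) || return 1
    name="$sandbox/tmp.12345"        # constructed stand-in for a guessable, pid-based name
    printf 'planted\n' > "$name"     # simulated: the path exists before we use it
    reuse_name "$name" "secret"
    if [ "$(cat "$name")" = "secret" ]; then r1=reused; else r1=untouched; fi
    printf 'planted\n' > "$name"
    if claim_name "$name" "secret"; then r2=reused; else r2=refused; fi
    # Without -u, mktemp itself creates the file and hands back a path we own.
    own=$(mktemp "$sandbox/tmp.XXXXXX") && [ -f "$own" ] && r3=created || r3=failed
    rm -rf "$sandbox"
    echo "plain=$r1 noclobber=$r2 mktemp=$r3"
}

demo   # prints: plain=reused noclobber=refused mktemp=created
```

The plain redirect silently writes into a file it did not create, while the noclobber open and `mktemp` without `-u` both guarantee the file is new.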
