On Wed, Feb 07, 2007 at 03:29:06PM -0500, Dylan Thurston wrote: > On Wed, Feb 07, 2007 at 11:27:30AM -0800, David Roundy wrote: > > > I wonder if instead we should be using tmpfile(). > > > ... > > > > tmpfile() would be nice, but the file is deleted automatically when the > > handle is closed (perhaps deleted before the handle is returned?), so we > > can't use it when we want a filename that we can pass to emacs. > > The standard solution is to use mkdtemp to create a dirctory (with mode > 0700) and then create a file in that directory with your choice of > name. mkdtemp is not in POSIX currently, but it seems like it will be > added soon.
The Secure Programs HOWTO link does mention mkdtemp. They only mention that tmp cleaners can cause a security issue with mkdtemp, as Thomas brought up last week. I feel like tmp cleaners could cause other issues in general, but maybe if people are using them we still need to worry? -- Zachary P. Landau <[EMAIL PROTECTED]> GPG: gpg --recv-key 0xC9F82052 | http://divineinvasion.net/kapheine.asc
signature.asc
Description: Digital signature
_______________________________________________ darcs-devel mailing list darcs-devel@darcs.net http://lists.osuosl.org/mailman/listinfo/darcs-devel