> > as for the tempfile thing, i believe this is something that shaleh has > added, since my original script makes its own tempfiles manually. i > prefer things this way so that's how the upcoming bsetbg will work, > unless someone can give me a good reason why i should use an external > program to make a temp file. >
because security auditors get concerned. There is a whole class of security holes surrounding known /tmp file attacks. The code was added after a Debian bug was sent in. http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=102126&repeatmerged=yes I think the best compromise is the function I added to the code which attempts to use existing programs and then falls back to manual creation. Remember, people have been solving problems like "I need a /tmp file" for a long time. There is no need to roll your own solution.
