Hello, Ralf! >> +@c But, anyway, how this prevents from creating world readable files? > > Well, you can do that already by setting your umask appropriately. > >> +@c According to the bash man page, noclobber should prevent from >> +@c unintentional truncating to zero size of existing files, >> +@c but in case file doesn't exist, it just created. -- mivael > > Which is exactly what is intended here, no?
It seems, I didn't understood the meaning of "the security problem" right. I've just done more searching, and have another question: Is the problem mentioned in the standards the same with the one described here? http://www.linuxsecurity.com/content/view/115462/151/ If yes, then, maybe, advice to use mktemp would be more appropriate? What do you think? http://www.gnu.org/software/coreutils/manual/coreutils.html#mktemp-invocation http://www.linuxsecurity.com/content/view/115462/151/#mozTocId831804 -- Michael V. Antosha http://identi.ca/mivael
