* Karl Berry wrote on Fri, Jan 28, 2011 at 01:48:49AM CET: > rw> You could mention that mktemp is available everywhere. > > I don't think it is. Solaris.
Argh. I meant "is _not_ available everywhere". Sorry about that. > rw> 'info Autoconf --index mktemp' also has a recommendation for a > portable alternative. > > Yep, so you know (as I expected :) that it's not available everywhere or > you wouldn't need a "portable alternative" :). > > BTW, $RANDOM (used in that sample code) surely isn't portable either, > and without $RANDOM it's still more or less feasible for attackers, as > the coreutils page (and Michael's url) go into. Well, but since the code uses mkdir not file creation or redirection, there should at most be a denial of service problem. Or so I hope at least. Unless, of course, the calling code doesn't check the status. Cheers, Ralf
