Jakob Lell <[EMAIL PROTECTED]> writes: > many shell scripts use tempfiles like /tmp/tempfile.$$. This creates > insecure tempfile vulnerabilities. One commonly used fix for this problem > is to use set -e or/and set -C in the shell script. This makes the whole > script fail if one command fails or pipes anything to an existing file > (e.g. if the tempfile already exists).
'set -C' only detects already-existing regular files, it does not prevent you writing your important data to (say) a named pipe with the right name. -- http://www.greenend.org.uk/rjk/