On Sat, 10 Jun 2000, Jeroen C. van Gelderen wrote:
> > Actually, it's not of course a security risk in the new algorithm (this is
> > mktemp() after all), but it's a potential failure mode which can cause
> > applications to fail in ways they otherwise wouldn't (with some very low
> > probability) on a normal system. But, I don't think it's a big enough
> > problem to worry about (numbers still coming :-)
>
> It's not a new situation, any application that can write to /tmp can
> create files that collide with other program's use of mktemp().
Not under the current mktemp() since the PID is unique (except for
wraparounds)
Kris
--
In God we Trust -- all others must submit an X.509 certificate.
-- Charles Forsythe <[EMAIL PROTECTED]>
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message
