000326 T.E.Dickey wrote:
> 2000-03-26 (2.8.3dev.23) -- pruned --
> * on initialization, check if the LYNX_TEMP_SPACE denotes a directory which
> we cannot easily determine if someone could alter our temp-files. If so,
> make a subdirectory of that, with appropriate permissions -TD
why? how does one determine if one cannot easily determine etc?
i define my own ~/tmp , which should be as secure as the system.
> * disable setuid on initialization -TD
why? i seem to remember Screen uses setuid somehow.
> * add a definition USE_MKSTEMP in userdefs.h
> which supercedes EXP_RAND_TEMPNAME for sysadmins who believe in mkstemp() -TD
^s (ok, a nit: it's Latin = `sits on top of')
> * change logic for EXP_RAND_TEMPNAME to avoid allowing fmt_tempname()
> to return the same name during a session.
> Define EXP_NAME_TEMPNAME in userdefs.h -TD
how many people will this affect?
my general concern with these is
that i don't remember anything on lynx-dev about them.
your skills are not in question, but be careful you don't cause other problems.
--
========================,,============================================
SUPPORT ___________//___, Philip Webb : [EMAIL PROTECTED]
ELECTRIC /] [] [] [] [] []| Centre for Urban & Community Studies
TRANSIT `-O----------O---' University of Toronto
