On Tue, Apr 23, 2013 at 12:39:25AM +0200, Vincent Lefevre wrote:
> It seems that the problem is not the function (API) itself,
> but broken implementations (due to the original 4.3BSD one):
> the mktemp(3) man page under Linux says:
>
> BUGS
> Never use mktemp(). Some implementations follow 4.3BSD and replace
> XXXXXX by the current process ID and a single letter, so that at
> most 26 different names can be returned. [...]
> The existence of broken, insecure implementations due to history
> is a good reason to avoid this function.

Maybe. The man page is, I think, outdated; I'm not convinced this is still an issue. The issues with mktemp() are long well understood and I'm pretty sure every vendor has fixed this in anything resembling a currently supported OS.

Regardless, I did outline a way to use mkstemp() to do this, years ago. There's a reference to it in an earlier comment in this bug:

http://marc.info/?l=mutt-dev&m=128900518711082

I'd be reasonably happy to take some time to rewrite safe_open() and company, EXCEPT that I already have a patch for a 1.6 bug (#3298) that's been completely ignored for four years. In fact, Michael very recently went out of his way to provide a completely independent implementation (without ever commenting on the one I already provided), which I pointed out completely failed to address the problem, resulting in its reversion... I then provided an improved patch which, like the first, has been completely ignored. This, despite the lengthy conversation we just had about that very problem.

That experience, combined with a much earlier (2004-ish?) one where I had to pull some teeth to get committed a couple of patches related to usability of the PGP UI, leaves me extremely disinclined to spend time writing code for Mutt. I have no inclination to spend my own free time on a solution that's just going to be unceremoniously dismissed.

-- 
Derek D. Martin
http://www.pizzashack.org/
GPG Key ID: 0xDFBEAD02
-=-=-=-=-
This message is posted from an invalid address. Replying to it will result in undeliverable mail due to spam prevention. Sorry for the inconvenience.
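
The contrast drawn in the quoted man-page text, as an added example that is not part of the original message and is not Mutt or libc code: `legacy_candidates()` emulates a 4.3BSD-style scheme to show that the whole name space for one process is 26 entries, and `create_private_temp()` shows the mkstemp() pattern with a check of what was actually created. The function names, the `/tmp/demo.` prefix and the letter-plus-padded-PID layout are assumptions made for illustration.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L
#endif
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

#define NAME_LEN 64

/* Emulates the scheme the man page describes: XXXXXX becomes one letter plus
 * the PID. The layout (letter first, PID zero-padded to five digits) is an
 * assumption. Returns how many distinct names exist for this PID. */
int legacy_candidates(const char *prefix, long pid, char out[][NAME_LEN], int max)
{
    int n = 0;
    for (char c = 'a'; c <= 'z' && n < max; c++, n++)
        snprintf(out[n], NAME_LEN, "%s%c%05ld", prefix, c, pid % 100000);
    return n;
}

/* mkstemp() chooses the name and creates the file in one step with
 * O_CREAT|O_EXCL, so an existing file or symlink is never opened.
 * Returns the fd and leaves the chosen path in tmpl, or -1 on failure. */
int create_private_temp(char *tmpl)
{
    mode_t old = umask(077);   /* glibc <= 2.06 created the file with 0666 */
    int fd = mkstemp(tmpl);
    umask(old);
    if (fd < 0) return -1;
    struct stat st;
    /* Check the result: regular file, owner-only permissions, one link. */
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) ||
        (st.st_mode & 077) != 0 || st.st_nlink != 1) {
        close(fd); unlink(tmpl); return -1;
    }
    return fd;
}

int main(void)
{
    char names[26][NAME_LEN];
    int n = legacy_candidates("/tmp/demo.", (long)getpid(), names, 26);
    printf("legacy scheme: %d possible names, e.g. %s\n", n, names[0]);
    char tmpl[] = "/tmp/demo.XXXXXX";
    int fd = create_private_temp(tmpl);
    if (fd < 0) return 1;
    printf("mkstemp created %s\n", tmpl);
    close(fd); unlink(tmpl);
    return 0;
}
```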