Hi Michelle, On 16 July 2010 19:17, Michelle Konzack <[email protected]> wrote: >> Shouldn't %s be the preferred form as mutt creates a unique file in >> /tmp, so creating it manually shouldn't be necessary. > > No it does not. > > The file is always called /tmp/mutt.html and if you run a Multi-User > Environment and several peoples login using "SSH" and run "mutt" you get > the hell on the ass. > > This is one of mutts security problems... >
You're right, I went to check the changelogs [1] and saw that there are some Debian patches [2] in versions 1.5.13-1.1, 1.5.20-7 to give /tmp/muttXXXXXX like names. It's been over 5 years since I've used Mutt in a multiuser environment so I haven't had to worry too much about the tmp files. > Thanks, Greetings and nice Day/Evening > Michelle Konzack > > -- > ##################### Debian GNU/Linux Consultant ###################### > Development of Intranet and Embedded Systems with Debian GNU/Linux > > itsyst...@tdnet France EURL itsyst...@tdnet UG (limited liability) > Owner Michelle Konzack Owner Michelle Konzack > > Apt. 917 (homeoffice) > 50, rue de Soultz Kinzigstraße 17 > 67100 Strasbourg/France 77694 Kehl/Germany > Tel: +33-6-61925193 mobil Tel: +49-177-9351947 mobil > Tel: +33-9-52705884 fix > > <http://www.itsystems.tamay-dogan.net/> <http://www.flexray4linux.org/> > <http://www.debian.tamay-dogan.net/> <http://www.can4linux.org/> > > Jabber [email protected] > ICQ #328449886 > > Linux-User #280138 with the Linux Counter, http://counter.li.org/ > [1] http://packages.debian.org/changelogs/pool/main/m/mutt/mutt_1.5.20-9/changelog [2] http://patch-tracker.debian.org/patch/series/view/mutt/1.5.20-9/upstream/311296-rand-mktemp.patch Regards, Dermot
