Earl Hood wrote: >The goal was to minimize the amount of re-coding, so the new functions >attempt to provide the basic capabilities of the older functions, >but using mkstemp() under the hood vs mktemp(). It seems the much >code has a heavy reliance on being able to access the actual pathnames >of temporary files vs just having an open handle to it.
Yes, this is why it's difficult to fix :-). Unfortunately, if you use mkstemp() but still allow the rest of the code to reopen the temporary file by name, you've shut the linker up but not completely closed the security hole. See http://www.mail-archive.com/[email protected]/msg01380.html So I would vote against (the tempfile related parts of) this patch. -- PMM _______________________________________________ Nmh-workers mailing list [email protected] http://lists.nongnu.org/mailman/listinfo/nmh-workers
