Henning Meier-Geinitz wrote: > There are some ways to avoid this: > > * don't use temp files at all > * don't create them in a world writeable directory, use the HOME directory > * use open together with the flag O_EXCL and O_CREAT to make sure, that the > file (or a symlink) doesn't exist. > * use mkstemp. This is probably the best but I don't know how many platforms > support it.
What about a library function? IMHO it would be better to have a common behaviour of all Sane backends than two or three different security fixes, which might themselves introduce new security problems. With a common behaviour, there is only the need to fix one security hole. Abel
