On Sat, Jul 27, 2002 at 09:13:09AM -0700, WINE wrote:
Marcus Meissner [EMAIL PROTECTED] writes:
This has been some time ago, and those old libc versions should not be used
anymore for security reasons.
Well the man page says Don't use this function, and if it's broken
in old glibc it
Marcus Meissner [EMAIL PROTECTED] writes:
I do not see why we should not use mkstemp, it is one of the canonical
ways of creating tempfiles throughout the security community.
Well, I don't like it, but since apparently everybody else does I've
applied the patch anyway...
--
Alexandre
On Fri, Jul 26, 2002 at 01:21:05PM -0700, Alexandre Julliard wrote:
I'm not sure this is a good idea, mkstemp() is apparently buggy in old
libc versions.
What do you mean by buggy? Is the result wrong or are the security
features not working correctly? What are old libc versions?
tmpnam() is
On Fri, Jul 26, 2002 at 01:21:05PM -0700, WINE wrote:
Marcus Meissner [EMAIL PROTECTED] writes:
Check for mkstemp, added a port implementation if it is
not present. Use mkstemp() in various places needing tmp files.
I'm not sure this is a good idea, mkstemp() is apparently buggy
Marcus Meissner [EMAIL PROTECTED] writes:
This has been some time ago, and those old libc versions should not be used
anymore for security reasons.
Well the man page says Don't use this function, and if it's broken
in old glibc it can be broken on other systems too. I think it's safer
to do
On Sat, Jul 27, 2002 at 09:13:09AM -0700, Alexandre Julliard wrote:
Marcus Meissner [EMAIL PROTECTED] writes:
This has been some time ago, and those old libc versions should not be used
anymore for security reasons.
Well the man page says Don't use this function, and if it's broken
in
On Sat, Jul 27, 2002 at 09:13:09AM -0700, Alexandre Julliard wrote:
The bug is that the temp file is created with mode 0666. But you can't
do a configure check for a run-time feature/bug anyway.
Well, this bug doesn't really matter. If it matters, people will long
have installed a fixed libc,