On Fri, 14 Jan 2005, John Richard Moser wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
>
>
>D. Richard Hipp wrote:
>
>> I don't *think* this is a problem. But version 3.1 will contain
>> extra security features just to make sure. In particular, it will
>> initialize the random number generated used to create temp file
>> names from /dev/urandom if available.
>
>If you want to create temporary file names, use mkstemp(3) to create and
>open a file, then close it and open it with sqlite3_open().
$ man mkstemp
...
BUGS
...
Don't use this function, use tmpfile(3) instead. It's bet
ter defined and more portable.
So long as the file name is unique, I don't think it really matters how it
was generated, so long as it is valid and opened securely.
For non-temporary files (the sort passed into sqlite3_open()) you don't
want a temporary file name. sqlite3_open is used internally to open
temporary files.
If YOU are creating a temporary database, simply use a memory database by
passing ":memory:" as the file name to sqlite3_open.
Christian
--
/"\
\ / ASCII RIBBON CAMPAIGN - AGAINST HTML MAIL
X - AGAINST MS ATTACHMENTS
/ \
