From owner-freebsd-hackers Mon May 15 11:38:27 2000 Delivered-To: freebsd-hackers@freebsd.org Received: from obie.softweyr.com (obie.softweyr.com [204.68.178.33]) by hub.freebsd.org (Postfix) with ESMTP id 866DB37B75D; Mon, 15 May 2000 11:38:23 -0700 (PDT) (envelope-from wes@softweyr.com) Received: from softweyr.com (ip43.salt-lake-city6.ut.pub-ip.psi.net [38.27.95.43]) by obie.softweyr.com (8.8.8/8.8.8) with ESMTP id MAA08536; Mon, 15 May 2000 12:38:08 -0600 (MDT) (envelope-from wes@softweyr.com) Message-ID: <39204472.706CB1D2@softweyr.com> Date: Mon, 15 May 2000 12:39:46 -0600 From: Wes Peters Organization: Softweyr LLC X-Mailer: Mozilla 4.7 [en] (X11; U; FreeBSD 4.0-STABLE i386) X-Accept-Language: en MIME-Version: 1.0 To: Kris Kennaway Cc: Tim Vanderhoek , James Howard , freebsd-hackers@FreeBSD.ORG Subject: Re: mktemp() vs. mkstemp() References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Kris Kennaway wrote: > > On Sun, 14 May 2000, Tim Vanderhoek wrote: > > > It's certainly not like it would be the first non-portable function > > we've added. Where adding functions to libraries encourages better > > coding practices, I'm (often) in favour of it, especially if it > > encourages more secure coding practices. Ultimately everyone > > benefits, and the pain is short-term. > > True, but I'd venture that in most of those cases they did something a > little less trivial than one line of code. We could simply redefine mktemp to not be such a security hole. Do common programs that use mktemp depend on side effects? -- "Where am I, and what am I doing in this handbasket?" Wes Peters Softweyr LLC wes@softweyr.com http://softweyr.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message