From owner-freebsd-ports@FreeBSD.ORG  Wed Mar  1 20:35:42 2006
Return-Path: <owner-freebsd-ports@FreeBSD.ORG>
X-Original-To: ports@FreeBSD.org
Delivered-To: freebsd-ports@FreeBSD.ORG
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 1C36D16A420;
	Wed,  1 Mar 2006 20:35:42 +0000 (GMT)
	(envelope-from kris@obsecurity.org)
Received: from elvis.mu.org (elvis.mu.org [192.203.228.196])
	by mx1.FreeBSD.org (Postfix) with ESMTP id CAA2A43D45;
	Wed,  1 Mar 2006 20:35:41 +0000 (GMT)
	(envelope-from kris@obsecurity.org)
Received: from obsecurity.dyndns.org (elvis.mu.org [192.203.228.196])
	by elvis.mu.org (Postfix) with ESMTP id A87DB1A4DCD;
	Wed,  1 Mar 2006 12:35:41 -0800 (PST)
Received: by obsecurity.dyndns.org (Postfix, from userid 1000)
	id C6DB9547DB; Wed,  1 Mar 2006 15:35:40 -0500 (EST)
Date: Wed, 1 Mar 2006 15:35:40 -0500
From: Kris Kennaway <kris@obsecurity.org>
To: Paul Schmehl <pauls@utdallas.edu>
Message-ID: <20060301203540.GA29563@xor.obsecurity.org>
References: <44050D77.2030503@j2d.lam.net.au>
	<BCA5F50D2461133FF65B3BD8@utd59514.utdallas.edu>
	<84747890@srv.sem.ipt.ru> <4405F6F0.9050703@FreeBSD.org>
	<665EA8A520757A68F0485536@utd59514.utdallas.edu>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature"; boundary="HcAYCG3uE/tztfnV"
Content-Disposition: inline
In-Reply-To: <665EA8A520757A68F0485536@utd59514.utdallas.edu>
User-Agent: Mutt/1.4.2.1i
Cc: Boris Samorodov <bsam@ipt.ru>, ports@FreeBSD.org,
	Sergey Matveychuk <sem@FreeBSD.org>
Subject: Re: FreeBSD Port: mpack-1.6
X-BeenThere: freebsd-ports@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Porting software to FreeBSD <freebsd-ports.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports>,
	<mailto:freebsd-ports-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ports>
List-Post: <mailto:freebsd-ports@freebsd.org>
List-Help: <mailto:freebsd-ports-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports>,
	<mailto:freebsd-ports-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 01 Mar 2006 20:35:42 -0000


--HcAYCG3uE/tztfnV
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Wed, Mar 01, 2006 at 02:08:22PM -0600, Paul Schmehl wrote:

> So the chances of overwriting a file with the same random char set is clo=
se=20
> to nil.

Close to nil !=3D nil.

I haven't read the code here, but secure handling of temp files
requires care.  The code should just use mkstemp() though.

Kris

--HcAYCG3uE/tztfnV
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.1 (FreeBSD)

iD8DBQFEBgWcWry0BWjoQKURAraWAJ9eaz++f7ZEUyiAZQUkEn5pxUlqugCfU02E
MlHqKOqpQswUnPO/dwWBOkU=
=agLM
-----END PGP SIGNATURE-----

--HcAYCG3uE/tztfnV--