Re: [PATCH] unifdef: set a secure umask before calling mkstemp()

[Tony Finch]

Jesper Juhl <jj@xxxxxxxxxxxxx> wrote:

> In newer glibc's (versions > 2.06) reasonably secure permissions of
> 0600 are used when creating a temporary file with mkstemp(). But for
> older glibc's (versions <= 2.06) 0666 is used which is not secure.

Thanks for your suggestion! I'm afraid I prefer not to make the change.

Unifdef is only using mkstemp as a convenient way to open a file with a
non-clashing name. It isn't trying to be secure, so it's OK just to rely
on the user's umask. And I find it hard to care about a bug that was fixed
15 years ago.

I'm also trying to reduce the unixisms in the program for portability
reasons and this is the most awkward part :-/

Tony.
-- 
f.anthony.n.finch  <dot@xxxxxxxx>  http://dotat.at/
Forties, Cromarty: East, veering southeast, 4 or 5, occasionally 6 at first.
Rough, becoming slight or moderate. Showers, rain at first. Moderate or good,
occasionally poor at first.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/