>If you don't want your machine to be hacked, and you're willing to
>sacrafice functionality, don't network it.
There is also the possibility of a malicious user on a non-networked
system.
>> Some programs use mktemp(3). The filenames generated are predictable.
>> Soft links are one way of exploiting this; hard links are another.
>
>Then mktemp(3) needs to be fixed...
Can't do this, without breaking existing programs.
>A concept which I am all for. But
>again, this is userland, not kernel.
In that case, please provide a safe way that I can open a file in /tmp,
without being root. Please include foolproof checks for symbolic and
hard links.
-- Thomas Koenig, Thomas.Koenig@ciw.uni-karlsruhe.de, ig25@dkauni2.bitnet. The joy of engineering is to find a straight line on a double logarithmic diagram.