On Fri, Mar 13, 2009 at 07:31:21PM +0100, "Martin v. Löwis" wrote: > > Think about the security implications of a file name that is in advance > > known to an attacker as well as the fact that the said file will replace > > an *important* system file. > > You should always use O_EXCL in that case. Relying on random name will > be a severe security threat to the application. But mkstemp does open files with O_EXCL, so the two approaches really aren't that different. Using tempfile can be a little simpler because it will eventually succeed. -- Andrew McNabb http://www.mcnabbs.org/andrew/ PGP Fingerprint: 8A17 B57C 6879 1863 DE55 8012 AB4D 6098 8826 6868
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4