[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Bug#278283: insecure temporary file usage in gettextize and autopoin
|
From: |
Paul Jarc |
|
Subject: |
Re: Bug#278283: insecure temporary file usage in gettextize and autopoint (fwd) |
|
Date: |
Tue, 26 Oct 2004 11:00:03 -0400 |
|
User-agent: |
Gnus/5.110003 (No Gnus v0.3) Emacs/21.3 (gnu/linux) |
Bruno Haible <address@hidden> wrote:
> Not bad, but still not perfect: mktemp is not a POSIX standardized
> utility, and $RANDOM is bash specific.
What sort of threat are you trying to defend against? Even if mktemp
is not available, and even if $RANDOM is empty, mkdir will still
either create a new directory or correctly fail. It won't let you use
an existing directory (or symlink to a directory).
paul