Hi!
I've been thinking of the security changes suggested for the
executables of Autoconf (not configure). I don't like it because
there is one call to mktemp for *each* temp file. As a shell script
author, I dislike this very much: it pollutes the scripts, and in
addition, it makes debugging fairly painful.
I would much prefer to have a securely created tmp *dir* in which I
can put all my temp files. It has much less impact on the readability
of the script, and debugging is just normal (all the co-related tmp
files are in the same tmp dir, they don't have as many names as there
are invocations of mktemp).
Marc Espie drew my attention to the fact that there are some secure
`mktemp -d', for instance on OpenBSD:
http://www.rocketaware.com/openbsd2.3/man1/mktemp.1.htm
So my proposal is to support `mktemp -d', and only `mktemp -d', no
juggling with mktemp for each file.
If the system on which Autoconf runs does not support `mktemp -d',
then (umask 077 && mkdir $$).
What do you think?
Akim
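
The scheme proposed above, sketched as an added example (not part of the original message and not Autoconf's own code). The function name `make_private_tmpdir`, the `MKTEMP` override variable, and the `$TMPDIR/PREFIX.$$` naming of the fallback directory are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: one private temp *directory* per script run, instead of
# one mktemp call per temp file. All names here are hypothetical.

# make_private_tmpdir PREFIX
# Prints the path of a freshly created directory that only the current
# user can access; returns non-zero if no such directory could be made.
make_private_tmpdir() {
  mpt_base=${TMPDIR:-/tmp}/$1

  # Preferred path: `mktemp -d' picks an unpredictable name and creates
  # the directory atomically. MKTEMP lets a caller substitute the binary.
  mpt_dir=$( (umask 077 && ${MKTEMP:-mktemp} -d "$mpt_base.XXXXXX") 2>/dev/null ) &&
    [ -n "$mpt_dir" ] && [ -d "$mpt_dir" ] &&
    { printf '%s\n' "$mpt_dir"; return 0; }

  # Fallback when `mktemp -d' is unsupported: (umask 077 && mkdir ...).
  # The name is predictable ($$), but mkdir without -p fails if the path
  # already exists (file, directory or symlink), so a pre-planted entry
  # is refused rather than reused. The caller must treat that as fatal.
  mpt_dir=$mpt_base.$$
  (umask 077 && mkdir "$mpt_dir") 2>/dev/null || return 1
  printf '%s\n' "$mpt_dir"
}

# Typical use in a script (kept as a comment so sourcing has no side effects):
#   tmp=$(make_private_tmpdir ac) || { echo "cannot create temp dir" >&2; exit 1; }
#   trap 'rm -rf "$tmp"' 0
#   sort input >"$tmp/sorted"      # plain file names inside the private dir
```

Because the directory is mode 0700 and newly created, files placed in it need no further mktemp calls; the safety of the fallback rests entirely on checking mkdir's exit status.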