On 27 April 2011 14:00, Eric Blake <ebl...@redhat.com> wrote: > On 04/27/2011 04:05 AM, Reuben Thomas wrote: >> On 27 April 2011 03:24, Bruno Haible <br...@clisp.org> wrote: >>>> Does setting a 0600 umask (as glibc does) sound like a good thing to >>>> add to the mkstemp-safer functions? > > Setting umask() is bad for other reasons - it is global state,
I was being sloppy with my terminology, I meant of course file permissions. > The > hardest part now is writing the m4 test to detect platforms whose > mkstemp is insecure. Attached, a patch. I don't have a non-GNU system on which to test it; I can only confirm that it works on GNU/Linux (which doesn't prove anything really). -- http://rrt.sc3d.org
0002-Use-gnulib-s-mkstemp-if-the-system-implementation-is.patch
Description: Binary data
