Andre Poenitz <[EMAIL PROTECTED]> writes:
| > > What system is this, according to my man page both mkstemp AND mktemp
| > > will use a permission of 600 anyway ...
| >
| > That is right. But the Converters and Export class (converter.C,
| > exporter.C) are creating files with the permission of 666. I think there
| > should be changed something.
|
| Note that external converters will do whatever _they_ want anyway. The
| correct solution for security-aware people certainly is to set a proper
| umask and for paranoid people to use \use_tempdir false (or \tempdir_path
| ~/.my_secret_place if that happens to work).
|
| Since I can't see any advantage if files created by LyX have permissions
| other that 600 I'd support a change to 600 within LyX. But I'd refer to
| it only as "a cosmetic change", not as "closing a security hole".
Think group projects.
otoh, The temp dir which is per lyx instance and never shared should
be better "protected".
Lgb
