[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kmail-devel
Subject:    Re: Tempfiles (Re: Security status)
From:       George Staikos <staikos () 0wned ! org>
Date:       2000-02-07 2:09:18
[Download RAW message or body]

-----BEGIN PGP SIGNED MESSAGE-----

On Sun, 06 Feb 2000, Waldo Bastian wrote:
> On Sun, 06 Feb 2000, Daniel Naber wrote:
> >    Q: Are tempfiles used in a safe way?
> >    One can make temporary files with mkstemp() (what about non-Linux
> >    systems?), the use of mktemp() is deprecated. One should never
> > make temp files by just open()ing them, since they could already
> > exist and they could even be a link to something completely
> > different. You can find some uses of temp files with this command:
> >    grep "/tmp" *.c *.C *.cpp *.h
> >    grep "mktmp" *.c *.C *.cpp *.h
> >
> >    A: ...
> >
> > Issues that are more or less KMail specific
> 
> Please use KTempFile for temp-files. This way it is possible to address 
> temp-file problems KDE-wide. KTempFile creates and opens a new (unique) 
> file. If you need a filename instead of an open file you can close the 
> temp-file and use the filename of the temp-file instead. Be aware that 
> you need to "overwrite" the temp-file in this case. KTempFile use 0600 
> by default as the file-permission.
> 

   I may have missed some cases but I tried to switch over all occurences in
the kmail code to KTempFile.  It was committed a while ago.

- -- 

George Staikos 


-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.2

iQEVAwUBOJ4pbPaardfOEhQRAQHqeQgAhRt7SYDMMJfUcPW0cC1NbAsITqys3rog
zd60HkSYUDAkNdEd0saDk7d7vZPfnrTtZAImblIHDx0KS7YldgzEGGAD5IJGbvyI
k2HXvoRcvTR2V/mOFieYRYEFG6fdtR9lUnTB1U0ShOGUf4JrkwoqfUUmUJGLl7I3
ry3x4K4bN4p1XfFUN909Dd59s0Q1RKCbGRqE7p96UqDBXJLKRqqeqn960iVOI/SH
nJ9I1TtbuWTFsvDFiOce276sCCxQ6cIHhnbRCbTslfZlUxf0V+0S5Yoa8DeWin+w
NT67peCL5K58W2XAYCUutUR3sFv2z6uF+GUDpIa/FDotFjJugcnFAA==
=AR4x
-----END PGP SIGNATURE-----

[prev in list] [next in list] [prev in thread] [next in thread]