[prev in list] [next in list] [prev in thread] [next in thread]
List: kmail-devel
Subject: Re: Tempfiles (Re: Security status)
From: George Staikos <staikos () 0wned ! org>
Date: 2000-02-07 2:09:18
[Download RAW message or body]
-----BEGIN PGP SIGNED MESSAGE-----
On Sun, 06 Feb 2000, Waldo Bastian wrote:
> On Sun, 06 Feb 2000, Daniel Naber wrote:
> > Q: Are tempfiles used in a safe way?
> > One can make temporary files with mkstemp() (what about non-Linux
> > systems?), the use of mktemp() is deprecated. One should never
> > make temp files by just open()ing them, since they could already
> > exist and they could even be a link to something completely
> > different. You can find some uses of temp files with this command:
> > grep "/tmp" *.c *.C *.cpp *.h
> > grep "mktmp" *.c *.C *.cpp *.h
> >
> > A: ...
> >
> > Issues that are more or less KMail specific
>
> Please use KTempFile for temp-files. This way it is possible to address
> temp-file problems KDE-wide. KTempFile creates and opens a new (unique)
> file. If you need a filename instead of an open file you can close the
> temp-file and use the filename of the temp-file instead. Be aware that
> you need to "overwrite" the temp-file in this case. KTempFile use 0600
> by default as the file-permission.
>
I may have missed some cases but I tried to switch over all occurences in
the kmail code to KTempFile. It was committed a while ago.
- --
George Staikos
-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.2
iQEVAwUBOJ4pbPaardfOEhQRAQHqeQgAhRt7SYDMMJfUcPW0cC1NbAsITqys3rog
zd60HkSYUDAkNdEd0saDk7d7vZPfnrTtZAImblIHDx0KS7YldgzEGGAD5IJGbvyI
k2HXvoRcvTR2V/mOFieYRYEFG6fdtR9lUnTB1U0ShOGUf4JrkwoqfUUmUJGLl7I3
ry3x4K4bN4p1XfFUN909Dd59s0Q1RKCbGRqE7p96UqDBXJLKRqqeqn960iVOI/SH
nJ9I1TtbuWTFsvDFiOce276sCCxQ6cIHhnbRCbTslfZlUxf0V+0S5Yoa8DeWin+w
NT67peCL5K58W2XAYCUutUR3sFv2z6uF+GUDpIa/FDotFjJugcnFAA==
=AR4x
-----END PGP SIGNATURE-----
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic