From: Joe M. C. <ma...@ma...> - 2003-02-19 17:38:28
|
On Wed, 2003-02-19 at 07:27, didier wrote: > Hi > Joe Marcus Clarke wrote: > > On Sun, 2003-02-16 at 20:21, Sebastian Rittau wrote: > >>> file.o: In function `afp_exchangefiles': > >>> /root/netatalk-1.6.1-1/etc/afpd/file.c:1764: the use of `mktemp' is > >>> dangerous, better use `mkstemp' > >> > >>This can't be fixed easily and is harmless. (But I would rather like to > >>see this gone, too.) > >=20 > >=20 > > I just fixed this in HEAD. Let me know if you want me to back-port it. > >=20 > I'm in favor to revert it in HEAD. > IMO > 1) it's not more secure than mktemp in the way we are using it, as a=20 > matter of fact I think mkstemp is more _dangerous_ here. I don't see how it's that dangerous. The temp file should not be deleted once the file handle is close (at least according to the FreeBSD implementation of mkstemp()). > 2) Currently the fix doesn't work > - it doesn't delete temporary name if there's an error in rename. > - it doesn't work at all with cross devices. This is a more powerful argument. Why doesn't it work across devices?=20 It should be more or less identical to mktemp(). Joe >=20 > Note > I changed copyfile the day before . >=20 > The old code :( | O_CREATE) was wrong: > - if the file already existed the new file size was undefined > - afp_copyfile was broken, should return EEXIST not OK. >=20 > Didier --=20 PGP Key : http://www.marcuscom.com/pgp.asc |