Re: Temporary Files

[Ryan W. M. <ry...@gu...>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


On Mon, 29 Jan 2001, Jamie Cameron wrote:

> How about this for an improved tempname() function - it uses /dev/urandom
> where available, though only reads 4 bytes for seeding srand() as any more
> would be larger than the function can handle anyway.

<code snippit>

I like it; it looks like a good tradeoff.  I would probably mention
something (in the developmental documentation) that it is up to the script
to make sure that the file has the correct mode (ala umask or chmod).  The
directory is 0755, which means if the files are created with some
world-readable mode then a malicious user can read them (and if the
contain sensitive data then do some damage).

Cheers,
Ryan

 +-- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --+
   Ryan W. Maple          "I dunno, I dream in Perl sometimes..."  -LW
   Guardian Digital, Inc.                     ry...@gu...
 +-- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --+

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE6dXQ+IwAIA9MpKWcRAuCdAKCBxGZM1YMLsHmKKw4mag2lVPqVoQCfev7A
g2KxMmsCqx18pXoXXxyoUzw=
=Lg0X
-----END PGP SIGNATURE-----