On Sat, Jul 27, 2002 at 09:13:09AM -0700, WINE wrote:
Marcus Meissner <meissner@suse.de> writes:
This has been some time ago, and those old libc versions should not be used anymore for security reasons.
Well the man page says "Don't use this function", and if it's broken in old glibc it can be broken on other systems too. I think it's safer to do the open ourselves, especially since this is pretty trivial to do.
Actually there are a lot of programs using mkstemp now and it would be terrible if they were all broken.
If you have a description of what was broken I can whip up a configure check though.
The bug is that the temp file is created with mode 0666. But you can't do a configure check for a run-time feature/bug anyway.
According to my manpage this was fixed in glibc 2.0.7, which was released 3 years ago.
I do not see why we should not use mkstemp, it is one of the canonical ways of creating tempfiles throughout the security community.
Ciao, Marcus
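
The two options debated in this thread, side by side, as an added example that is not part of the original messages or of the Wine source: `mkstemp()` wrapped in a restrictive umask with a run-time `fstat()` check of the resulting mode, and the "do the open ourselves" variant with `O_CREAT | O_EXCL` and an explicit 0600. The function names `fd_mode`, `checked_mkstemp` and `own_open_temp` and the `/tmp` paths are assumptions made for the example.

```c
#define _XOPEN_SOURCE 700   /* declare mkstemp() under strict -std= modes */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Permission bits of an open descriptor, or -1 on error. */
static int fd_mode(int fd)
{
    struct stat st;
    return fstat(fd, &st) == 0 ? (int)(st.st_mode & 0777) : -1;
}

/* mkstemp() under a restrictive umask, so a libc that asks for 0666 still
   yields 0600, followed by the run-time check a configure test cannot do. */
static int checked_mkstemp(char *tmpl)
{
    mode_t old = umask(077);
    int fd = mkstemp(tmpl);
    umask(old);
    if (fd >= 0 && (fd_mode(fd) & 077) != 0) {  /* group/other bits set */
        close(fd); unlink(tmpl);
        return -1;
    }
    return fd;
}

/* Doing the open ourselves: O_EXCL fails on an existing file or symlink,
   so safety rests on that flag and the explicit 0600, not on the name. */
static int own_open_temp(char *path, size_t len, const char *dir)
{
    for (int i = 0; i < 100; i++) {
        snprintf(path, len, "%s/tmp.%ld.%d", dir, (long)getpid(), i);
        int fd = open(path, O_RDWR | O_CREAT | O_EXCL, 0600);
        if (fd >= 0 || errno != EEXIST) return fd;
    }
    return -1;
}

int main(void)
{
    char tmpl[] = "/tmp/example_XXXXXX", path[64];   /* constructed paths */
    int a = checked_mkstemp(tmpl), b = own_open_temp(path, sizeof path, "/tmp");
    if (a >= 0) { close(a); unlink(tmpl); }
    if (b >= 0) { close(b); unlink(path); }
    return (a >= 0 && b >= 0) ? 0 : 1;
}
```

`umask()` is process-wide, so the wrapper around `mkstemp()` is only appropriate where no other thread creates files at the same moment.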