On Wed, 21 Feb 2001 [EMAIL PROTECTED] wrote:
> Damn, chroot() would solve this, but its root-only. Well, you could
> add a test which tries to chroot to t/ if the test is run as root.
The tests are ignored on some platforms (Windows etc).
HP-UX does not use sticky bit on /tmp by default.
>
> Ok, I'd say that doing a test for a safe temp directory under HIGH
> security is right out for the discussed reasons. However, we can do a
> test for an *unsafe* temp directory under HIGH security. Simply
> create a ringer in t/tmp and make sure File::Temp rejects it properly.
> Something that tests the dir-walking properties of _is_very_safe(), like:
> t/tmp/safe/safe/unsafe/safe/safe/
>
You could create a directory known to be unsafe and test for that but we
would have to add some platform dependent code in there since, for
example, on Windows the unsafe directory will be "safe" as far as
File::Temp is concerned simply because the HIGH security test is a no-op
on windows.
--
Tim Jenness
JCMT software engineer/Support scientist
http://www.jach.hawaii.edu/~timj
