On Monday 18 August 2008 22:26, Nico Golde wrote: > Hi Steven, > > * Steven M. Christey <[EMAIL PROTECTED]> [2008-08-18 22:09]: > > On Mon, 18 Aug 2008, Nico Golde wrote: > > > This is known but as I wrote in the bug report: > > > "the file is safely created with O_EXCL and 0600, still > > > unsafe if used with -u" > > > > Given that -u is "unsafe mode" with a disclaimer against race conditions > > (at least based on the manpage I looked at), I'm of the mindset that > > you'd flag an application for using mktemp -u, but not mktemp itself. > > Ok fine, makes sense to me.
Should we remove the mktemp "temp issue" from the tracker or rather mark it as no-dsa or unimportant? Thijs
pgpdt8t5lSwiJ.pgp
Description: PGP signature