Creating /tmp files with mode 0666 is insane. Other users should never be able to read or write to your temp files! Case in point:
-rw-rw-r-- 1 mjr mjr 0 Mar 2 15:19 prefixF2571suffix After the patch: -rw------- 1 mjr mjr 0 Mar 2 15:20 prefix87783suffix Index: libraries/clib/io/File.c =================================================================== RCS file: /cvs/kaffe/kaffe/libraries/clib/io/File.c,v retrieving revision 1.17 diff -u -r1.17 File.c --- libraries/clib/io/File.c 18 Dec 1999 07:40:25 -0000 1.17 +++ libraries/clib/io/File.c 2 Mar 2003 21:17:16 -0000 @@ -319,7 +319,7 @@ } jboolean -java_io_File_createNewFile0(struct Hjava_io_File* this) +java_io_File_createNewFile0(struct Hjava_io_File* this, jint mode) { char str[MAXPATHLEN]; int fd; @@ -327,7 +327,7 @@ stringJava2CBuf(unhand(this)->path, str, sizeof(str)); - rc = KOPEN(str, O_EXCL|O_WRONLY|O_CREAT, 0666, &fd); + rc = KOPEN(str, O_EXCL|O_WRONLY|O_CREAT, mode, &fd); switch (rc) { case 0: break; Index: libraries/javalib/java/io/File.java =================================================================== RCS file: /cvs/kaffe/kaffe/libraries/javalib/java/io/File.java,v retrieving revision 1.30 diff -u -r1.30 File.java --- libraries/javalib/java/io/File.java 21 Nov 2002 21:57:24 -0000 1.30 +++ libraries/javalib/java/io/File.java 2 Mar 2003 21:17:17 -0000 @@ -117,7 +117,9 @@ File f = new File(dir, prefix + Integer.toHexString( random.nextInt(0x100000)).toUpperCase() + suffix); - if (f.createNewFile()) + + f.checkWriteAccess(); + if (f.createNewFile0(0600)) return f; } } @@ -387,10 +389,10 @@ public boolean createNewFile() throws IOException { checkWriteAccess(); - return createNewFile0(); + return createNewFile0(0666); } -native private boolean createNewFile0() throws IOException; +native private boolean createNewFile0(int mode) throws IOException; public boolean setLastModified(long time) { checkWriteAccess(); _______________________________________________ kaffe mailing list [EMAIL PROTECTED] http://kaffe.org/cgi-bin/mailman/listinfo/kaffe