Jim Pick:
> I think what we have here is that the call is "secure",
> providing that the user has the correct umask set up for
> however the system administrator has set up the groups
> on their system.

I don't see how you arrived at that conclusion. A user who is
content to normally create world-readable files by default is
nevertheless not very likely to want his temp files created with the
same liberal permissions; he might elevate his security at times by
working on sensitive data within a mode 0700 directory, or he might
merely have a single secret text file with mode 0600.

If that data is exposed through a world-readable temporary file,
something is _wrong_, umasks notwithstanding.

_______________________________________________
kaffe mailing list
[EMAIL PROTECTED]
http://kaffe.org/cgi-bin/mailman/listinfo/kaffe

Reply via email to