> LYUtils.o: In function `LYOpenTemp':
> LYUtils.o(.text+0x7b83): the use of `mktemp' is dangerous, better use `mkstemp'
I didn't know you could get the linker to generate such messages,
but this will be an indication that the file names are predictable and
someone who already had access to the machine by other means might be
able to replace one in such a way as to make the Lynx user overwrite
something he had permission for but the attacker did not.
This sort of attack has been discussed in the past. I believe one of
the protections is not to use the public temporary files directory.
; To UNSUBSCRIBE: Send "unsubscribe lynx-dev" to [EMAIL PROTECTED]
