Hi! I am not really a security expert, so just my opinion. :)
> 1) Check that /tmp/mc-$USER is ours. I think if I do stat()
> and it says that I'm the owner, no adversary will be able to
> replace the directory. If /tmp/mc-$USER is ours, set proper
> permissions (700) on it if necessary and use it. Note that
> the files inside that directory still have random names.
>
> 2) If that fails, warn the user and create a directory under
> /tmp with a random name e.g. /tmp/mc-$USER-$RANDOM. If that
> works, schedule the directory for removal using g_atexit
> (portable atexit from glib) and use the directory.

Why don't you skip the first step, and just do the second? :)
Easier to implement just one version, less code -> fewer bugs and "more safe" (?).

Just another question: what happens if there's no /tmp directory (I don't know an OS like this)? I mean if the distribution uses, for example, the name /temp. I don't know if mc has to care about it.

Bye,
Andras
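The two steps from the quoted proposal, as an added example that is not part of the original thread and not mc's own code. The names `use_own_dir` and `pick_tmpdir` are hypothetical, the base directory is a parameter rather than a hard-coded /tmp, and the sketch uses lstat() instead of stat() and mkdtemp() in place of a $RANDOM suffix.

```c
#ifndef _XOPEN_SOURCE
#define _XOPEN_SOURCE 700   /* for lstat() and mkdtemp() */
#endif
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Step 1: accept path only if it is a real directory owned by us, mode 0700.
 * In a sticky /tmp nobody else can rename or remove a directory we own. */
static int use_own_dir(const char *path)
{
    struct stat st;
    if (mkdir(path, 0700) != 0 && errno != EEXIST)
        return -1;
    if (lstat(path, &st) != 0)          /* lstat: never follow a planted symlink */
        return -1;
    if (!S_ISDIR(st.st_mode) || st.st_uid != getuid())
        return -1;
    if ((st.st_mode & 0777) != 0700 && chmod(path, 0700) != 0)
        return -1;
    return 0;
}

/* Returns 1 if <base>/mc-<user> is used, 2 if the random-name fallback
 * (step 2) was created, -1 on error. The chosen path is written to out. */
int pick_tmpdir(const char *base, const char *user, char *out, size_t outlen)
{
    int n = snprintf(out, outlen, "%s/mc-%s", base, user);
    if (n < 0 || (size_t)n >= outlen)
        return -1;
    if (use_own_dir(out) == 0)
        return 1;
    fprintf(stderr, "warning: %s is not ours, using a random name\n", out);
    n = snprintf(out, outlen, "%s/mc-%s-XXXXXX", base, user);
    if (n < 0 || (size_t)n >= outlen)
        return -1;
    /* mkdtemp creates the directory atomically, mode 0700; caller removes it at exit */
    return mkdtemp(out) != NULL ? 2 : -1;
}

int main(void)
{
    char dir[4096];
    const char *user = getenv("USER");
    int how = pick_tmpdir("/tmp", user ? user : "unknown", dir, sizeof dir);
    printf("%s\n", how < 0 ? "no usable temp dir" : dir);
    return how < 0;
}
```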