#3638: Compilation errors for 1.6
-----------------------+----------------------
Reporter: grarpamp | Owner: mutt-dev
Type: defect | Status: new
Priority: major | Milestone: 1.6
Component: mutt | Version: 1.5.21
Resolution: | Keywords:
-----------------------+----------------------
Comment (by vinc17):
Replying to [comment:7 invalid@…]:
> It's not that mkstemp() isn't safe if you need to add a suffix (e.g. a
> file extension); it's that it won't do that.
OK, of course, I meant that's the use of mkstemp() that was unsafe, not
mkstemp() itself.
> The point is, even if your system has mkstemps(), you're probably
> better off using mktemp() the way Mutt uses it instead. You just have
> to make sure that the file does not already exist when you go to
> create it, and that you create the file 0600 so that evildoers can't
> write their exploit over your data... and Mutt does that.
That is not sufficient with pre-NFSv3.
--
Ticket URL: <http://dev.mutt.org/trac/ticket/3638#comment:10>
Mutt <http://www.mutt.org/>
The Mutt mail user agent
