> > +#define QTEST_FILE_TEMP "/tmp/qtest-%d.sock" > > +#define QTEST_QMP_FILE_TEMP "/tmp/qtest-%d.qmp" > > +#define QTEST_PID_FILE_TEMP "/tmp/qtest-%d.pid" > > These filenames are too predictable from security point of view,
This need not be secure as long as the file is created with 0600 permissions. In fact, inspecting the pid file from the shell can be useful. However, using mkstemp() on a prefix that includes the parent pid can indeed be the best of both worlds. Paolo
