David, Thanks for the explanation of mkdtemp(). I got confused reading the man page because I wasn't expecting the function to return char *, but I guess that makes sense. > I wish that the C standard body would update the C library and add > an "exclusive create" capability for fopen(), so that languages > that build on fopen() can do so. > Have you looked at TR 24731-1? The latest revision is n119 at http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1199.pdf
Section 6.5.2.1 defines the fopen_s function. I am planning on submitting a DR against this TR to add an exclusive create capability. There are also some new tmpfile_s() and tmpnam_s() functions although I have some issues with these as well. > This doesn't work on at least old versions of NFS reliably, > unfortunately. I believe that's been fixed, but I have not > verified that. > I also believe that it was fixed (in Version 3). rCs _______________________________________________ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. _______________________________________________
