Gary, I would love a little refinement of the benefits to badnessometers. Let's
say I get a tool to tell me something I already suspect is wrong, what
percentage of the population are better than they expected? The reason why I
ask this question is that in our culture if I have a sense something
We have had open job postings for security architects for a long time with zero
hits and I would love to understand how other enterprises are hiring
practitioners. Would love your thoughts on the following:
* Are large enterprises sticking with consulting firms to gain expertise
in implem
David,
Thanks for the explanation of mkdtemp(). I got confused reading the man
page because I wasn't expecting the function to return char *, but I
guess that makes sense.
> I wish that the C standard body would update the C library and add
> an "exclusive create" capability for fopen(), so that
"Robert C. Seacord" <[EMAIL PROTECTED]> wrote:
> I've seen advice here and there to use the mkdtemp() function to create
> temporary directories, for example:
...
> - David Wheeler's Secure Programming for Linux and Unix HOWTO at
> http://www.dwheeler.com/secure-programs/Secure-Programs-HOWTO.html