develooper Front page | perl.perl5.porters | Postings from December 2000

[ID 20001214.003] Fwd: Re: [PATCH bleadperl] POSIX::tmpnam() isdangerous

Thread Next
From:
Dominic Dunlop
Date:
December 14, 2000 03:51
Subject:
[ID 20001214.003] Fwd: Re: [PATCH bleadperl] POSIX::tmpnam() isdangerous
Message ID:
p04320408b65e4b632ba9@[192.168.1.4]
[Edward sent me this reply privately.  I trust that he does not mind 
me copying it (along with the assigned bug ID) to the perl5-porters 
list and Sarathy, who's in charge of the maintenance track.]

>Date: Thu, 14 Dec 2000 09:57:31 +0000 (GMT)
>From: Edward Avis <epa98@doc.ic.ac.uk>
>To: Dominic Dunlop <domo@computer.org>
>Subject: Re: [PATCH bleadperl] POSIX::tmpnam() is dangerous
>
>  >It sees that File::Temp will be in the next release of
>>Perl that follows on from the 5.7.0 development track; whether it will
>>be in the next maintenance release of 5.6.0 is more doubtful, as
>>the job of maintenance is to fix problems, not add functionality.
>
>IMHO any sort of /tmp race does qualify as a problem.  In fact it's a
>security problem, which makes it more important to fix.
>
>--
>Ed Avis
>epa98@doc.ic.ac.uk

-- 
Dominic Dunlop

Thread Next


nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About