Joey Hess wrote: > No, tmpnam generates a name for a file that did not exist at some point > in time, but that *will* exist in the worst possible state (eg, a > symlink to something important) when an attacker is targeting your program.
Which is why I'm trying to find a way to get rid of the calls to it in the program I'm packaging. regards, Colin -- Colin Tuckley | [EMAIL PROTECTED] | PGP/GnuPG Key Id +44(0)1903 236872 | +44(0)7799 143369 | 0x1B3045CE "Heisenberg may have slept here" -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
