Here's something I got from google searching for tempnam dangerous... 'That's not exactly what is the dangerous part. What is dangerous is that it returns a filename that refers to a file which did not exist at some point during the call to tempnam. It does not create that file for you, meaning that in theory some other program can grab the file between your call to tempnam and your call to open the file. This is a race condition.
Unfortunately, the replacement functions don't have the flexibility that tempnam does. ' Once, I tried replacing the tempnam in that file to mkstep, but since they don't seem to be compatiable, I got some error :(... I don't want to wait for them to fix it, do you know what to use? "Ernest E Vogelsinger" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > At 04:55 05.03.2003, Clete Rivers Blackwell 2 said: > --------------------[snip]-------------------- > >I have RedHat 8.0 with the everything box checked in packages... when I > >build the CVS of PHP5, it tells me that tempnam is dangerous and to use > >makename or something... I think it's a code bug, but just in case, does > >anyone know if this is due to an outdated version of some program? > --------------------[snip]-------------------- > > No, I don't think so - this warning is also generated for 4.2.something. It > is a warning from gcc about a possibly insecure implementation of the > tempnam() function where a race condition could occur. > > There are some interesting answers to this questions on google - search for > "tempnam dangerous". > > > -- > >O Ernest E. Vogelsinger > (\) ICQ #13394035 > ^ http://www.vogelsinger.at/ > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
