On 08/15/2014 05:03 AM, Michael Tokarev wrote:
>>> f = fopen("/tmp/op.log", "w");
>
> Gosh. So why are we still use fixed filenames in /tmp?????
> Every such use is a potential security holw... :( Ughm.
>
> Can't we get rid of this somehow, by requiring a filename
> parameter for example?
It's in code that isn't compiled in by default.
Better than taking a parameter, or doing something else one-off, I think it'd
be best to dump this to the normal log file. I.e. use qemu_log instead of
fprintf.
r~
