On 2014/8/16 0:53, Richard Henderson wrote:
On 08/15/2014 05:03 AM, Michael Tokarev wrote:
f = fopen("/tmp/op.log", "w");
Gosh. So why are we still use fixed filenames in /tmp?????
Every such use is a potential security holw... :( Ughm.
Can't we get rid of this somehow, by requiring a filename
parameter for example?
It's in code that isn't compiled in by default.
Better than taking a parameter, or doing something else one-off, I think it'd
be best to dump this to the normal log file. I.e. use qemu_log instead of
fprintf.
Hmm, i agreed. I will get rid of this, and use qemu_log instead.
Thanks.:)
