KTemporaryFile::createLocalFile()
David Faure
faure at kde.org
Thu Jul 5 09:49:06 BST 2007
On Thursday 05 July 2007, Oswald Buddenhagen wrote:
> On Thu, Jul 05, 2007 at 12:25:10AM +0200, David Faure wrote:
> > On Wednesday 04 July 2007, Oswald Buddenhagen wrote:
> > > On Wed, Jul 04, 2007 at 09:44:11PM +0200, David Faure wrote:
> > > > Much better than getting a temp filename and closing the file,
> > > > which effectively opens it up to symlink attacks
> > > >
> > > this doesn't make any sense. by this logic, the command line
> > > utilities tempfile and mktemp should be immediately banned from use.
> >
> > Well, no, since tempfile returns an open FILE*, not just a string.
> >
> then we have very different systems - last time i checked command line
> apps were unable to return FILE* objects. ;)
Sorry I meant tempnam, as used by tempfile(1). But you're right, command-line tools
only do as much as they can, this doesn't mean we should make the same mistakes
in C++ code.
--
David Faure, faure at kde.org, sponsored by Trolltech to work on KDE,
Konqueror (http://www.konqueror.org), and KOffice (http://www.koffice.org).
More information about the kde-core-devel
mailing list