[parted-devel] Updated 'PlanningEdge' substantially
Håkon Løvdal
hlovdal at gmail.com
Fri Jan 5 23:38:09 CET 2007
On 05/01/07, Otavio Salvador <otavio at debian.org> wrote:
> Anant Narayanan <anant at kix.in> writes:
> > Thoughts on how the file should be named and where must we dump it
> > (/tmp?) How about parted-YYYYMMDDHHMMSS.err? (timestamp)
>
> I like the idea of a file on /tmp
>
/tmp is fine by me as well, but we should preferably
support TMPDIR if set.
Great care ought to be exercised when (automatically)
creating files in /tmp to avoid security problems. I am
not an expert on how to properly do this, I just know that
there are many ways to create files insecurely in /tmp...
However, in all cases a secure solution will always
be based on the concept of creating and opening
the file in one operation. So initially create some
securely_create_and_open_file function, so that getting
secure file handling will "just" be an implementation
detail of this function.
BR Håkon Løvdal
More information about the parted-devel
mailing list