Subject: Re: funlink() for fun!
To: NetBSD Kernel Technical Discussion List <>
From: der Mouse <mouse@Rodents.Montreal.QC.CA>
List: tech-kern
Date: 07/14/2003 19:56:44
> Unfortunately I still see too many NetBSD programs creating and
> removing temporary files directly in /tmp and /var/tmp, and of course
> the default sysinst still creates those directories on filesystems
> which also contain other sensitive informatoin.

I'm (still?) not convinced this is a problem.  Given O_EXCL, stat() and
fstat(), and sticky directories, I can't see what the danger is.

I discount admins doing things like leaving /usr world-writeable, or
/tmp non-sticky.  I consider that akin to leaving /dev/mem mode 666:
you can do it, but you have nobody to blame but yourself.  And it most
certainly is not for the system to protect you from the consequences.

/~\ The ASCII				der Mouse
\ / Ribbon Campaign
 X  Against HTML
/ \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B