Subject: Re: tmp issues: trap before making safe tmp and not defining directory
To: Jeremy C. Reed <>
From: Curt Sampson <>
List: tech-security
Date: 11/01/2003 18:00:37
On Fri, 31 Oct 2003, Jeremy C. Reed wrote:

> This isn't NetBSD specific (but does involve software in pkgsrc).

Maybe we need a "safe script functions" package that would contain
functions to do this stuff properly, and just write scripts and patch
packages to use that. In fact, it might even be worth making it part of
the OS distribution.

Doing stuff securely is often hard, and if we're constantly
re-implementing these sorts of things, we're pretty much guaranteed to
get it wrong some of the time.

Curt Sampson  <>   +81 90 7737 2974
    Don't you know, in this new Dark Age, we're all light.  --XTC