Binand Sethumadhavan wrote:
On 16/10/06, Girish Venkatachalam <girishvenkatachalam@xxxxxxxxx> wrote:
2. Your aeg script has a race condition; on multiuser systems withOh yes, I know mktemp but forgot. I could put that change in but I am
malicious users, this can lead to arbitrary files owned by the user
running AEG to be wiped out. mktemp(1) is the safe way of creating
temporary files.
not too particular.
Yep, this is the single biggest argument used against FOSS. The
developer is usually not particular about users' requirements or
security considerations. Developer's response is in most cases, "works
for me". I'd imagine 60% of the patches Redhat includes are about
fixing things like race conditions etc. because the developer could
not be bothered to fix silly bugs like these.