[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: LYNX-DEV Re: ...vulnerability in Lynx...
|
From: |
Scott McGee (Personal) |
|
Subject: |
Re: LYNX-DEV Re: ...vulnerability in Lynx... |
|
Date: |
Wed, 7 May 1997 15:00:49 -0600 |
Klaus Weide <address@hidden> writes:
>
>On Wed, 7 May 1997, Scott McGee (Personal) wrote:
>
>> OK, let me jump into to forray here.
>>
>> How about doing the following:
>>
>> define a symbol (has_mkstemp) based on the availiblity of this function
>> use code like this:
>>
>> #if has_mkstemp
>> <use mkstemp to create filename and open file>
>> #else
>> <use mktemp to create filename>
>> <open file>
>> #endif
>> <continue>
>[...]
>This doesn't seem to adapt well to the way Lynx uses many of its
>temporary files. Files are created and written and closed; then opened
>for reading in totally different modules.
>
>The different modules pass the file only as a filename (or URL) between
>each other, not as a (FILE *).
>
>Also some things require the temp file to have a specific ending (like
>".html" or ".txt") to work correctly. Soemthing mkstemp() cannot do,
>since it wants to modify the *last* six filename characters.
Hmm, ok, modify the above to close the (as yet) empty file, leaving a file
with the generated name and our permissions set so others don't mess with it,
and then pass the file name. You can even rename it to add any desired
extensions after creating and closing it (have to watch for existing files
when doing the rename, but that's not too hard).
>
>Maybe all this can be modified, but simply saying "just use mkstemp()"
>doesn't get us very far. IMHO, AFAICT.
Yes, I know. I was just trying to point out that the fact that mkstemp() is
not universal need not limit us from using it where it is availible if we
can use mktemp() or even ly_mktemp() elsewhere. In other words, just trying
to simplify the problem a bit.
>
>Are you volunteering? :)
Well..., is the creation of temp files delegated to one function, or scattered
all over the code? I can take a look and see about doing it. Maybe even
download the freeBSD code and implement it for Lynx. I'll have a look see.
Scott McGee: Salt Lake Community College Webmaster | When in danger,
___________________________________________________| or in doubt,
Email: address@hidden (Scott McGee) | run in circles,
Web: http://www.slcc.edu/infotech/webmaster.html | scream and shout.
----------------------------------------------------------------------
My opinions do not necessarily reflect those of the College. Trust me!
;
; To UNSUBSCRIBE: Send a mail message to address@hidden
; with "unsubscribe lynx-dev" (without the
; quotation marks) on a line by itself.
;
- Re: LYNX-DEV Re: ...vulnerability in Lynx...,
Scott McGee (Personal) <=
- Re: LYNX-DEV Re: ...vulnerability in Lynx..., Bela Lubkin, 1997/05/08
- Re: LYNX-DEV Re: ...vulnerability in Lynx..., Jonathan Sergent, 1997/05/08
- Re: LYNX-DEV Re: ...vulnerability in Lynx..., Larry W. Virden, x2487, 1997/05/08
- Re: LYNX-DEV Re: ...vulnerability in Lynx..., Jonathan Sergent, 1997/05/08
- Re: LYNX-DEV Re: ...vulnerability in Lynx..., Klaus Weide, 1997/05/08
- Re: LYNX-DEV Re: ...vulnerability in Lynx..., Jonathan Sergent, 1997/05/09
- Re: LYNX-DEV Re: ...vulnerability in Lynx..., Larry W. Virden, x2487, 1997/05/09
Re: LYNX-DEV Re: ...vulnerability in Lynx..., Nelson Henry Eric, 1997/05/09