[6253] in bugtraq
Re: another /tmp race: `perl -e' opens temp file not safely
daemon@ATHENA.MIT.EDU (Dennis Taylor)
Sun Mar 8 00:50:56 1998
Date: Sat, 7 Mar 1998 19:55:55 -0600
Reply-To: Dennis Taylor <corbeau@EXECPC.COM>
From: Dennis Taylor <corbeau@EXECPC.COM>
X-To: stanislav shalunov <shalunov@MCCME.RU>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <199803072356.CAA16643@main.mccme.rssi.ru>
At 6:04 PM -0600 3/7/98, stanislav shalunov wrote:
>A side note (by no means I am a Perl hacker; I do not know Perl well):
>Perl does not provide a clear way to open a file with O_EXCL. This
>might be considered a reasonable thing to add to the language.
It certainly is. Pity it's already in there. :-) The sysopen()
built-in function allows you to open a file with the O_* flags; look at the
sysopen entry in 'man perlfunc' for details. Furthermore, the
object-oriented IO::File interface allows you to say things like:
$fh = new IO::File "file", O_WRONLY|O_APPEND; # from the IO::File
docs.
Or $fh = IO::File->new("file", FLAGS), for that matter, just to
make Chip happy. :-) Good job with the quick patch... it's frightening to
think how many common utilities probably have this kind of lurking bug.
dennis taylor
__________________________________________________________________________
Dennis Taylor "Anyone whose days are all the same and free from
corbeau@execpc.com want inhabits eternity of a sort." - Peter Hoeg
__________________________________________________________________________
PGP Fingerprint: E8D6 9670 4FBD EEC3 6C6B 810B 2B30 E529 51BD 7B90
