[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: avoid mktemp/mkstemp internally
From: |
Chet Ramey |
Subject: |
Re: avoid mktemp/mkstemp internally |
Date: |
Thu, 19 May 2016 14:37:39 -0400 |
User-agent: |
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:45.0) Gecko/20100101 Thunderbird/45.1.0 |
On 5/16/16 10:36 AM, Mike Frysinger wrote:
>> Because many traditional implementations of mktemp/mkstemp suck.
>
> and many modern implementations work perfectly fine. why is the default
> to penalize good/fixed versions ? how about we flip this in config-top.h
> like the attached patch ?
Yes, we'll try that with correct names. See what happens.
>>> the bash versions seem like it's pretty trivial to collide: it mixes
>>> current seconds count, current pid number, and a counter.
>>
>> Not quite; the calls in bash mix in the return value from the system's
>> random(). Now, if that sucks too, you're going to lose.
>
> except bash isn't calling srand anywhere that i can see, so you're
> iterating over the same values every time.
Good catch, except you mean srandom(). I'll add in a call to that for the
fallback code.
--
``The lyf so short, the craft so long to lerne.'' - Chaucer
``Ars longa, vita brevis'' - Hippocrates
Chet Ramey, ITS, CWRU chet@case.edu http://cnswww.cns.cwru.edu/~chet/
signature.asc
Description: OpenPGP digital signature