The open() system call in f8 really broken...

Steve Dickson SteveD at redhat.com
Thu Aug 16 15:16:54 UTC 2007


Oliver Falk wrote:
> Most developers I know, don't worry about >warnings<, but do if their
> code aborts. If a developer then doesn't worry about the real (security)
> problem, but only about the abort itself and just work around that - it's
> simply a fault... The other option? stderr "FIX YOUR OPEN :-P"; sleep
> 600. :-)
> 
> If you compile the whole Fedora tree, how many warnings will you see?
> How many warnings are about 'better use mkstemp' - for security
> reasons... If you don't abort you'll not catch the developers'
> attention... It's too bad, but true... Don't want to step on devs' toes
> of course - it's for sure not true for *all* developers!
I was talking about runtime warnings... Really nasty looking messages
so they couldn't be ignored...

steved.



