author: sheldonh <sheldonh@FreeBSD.org> 2000-01-25 13:58:46 +0000
committer: sheldonh <sheldonh@FreeBSD.org> 2000-01-25 13:58:46 +0000
commit: 4497b0fbabcff52472040173a4ea879ec212ecaa
tree: a1d72074dc141471f6f65103b12e9cbf57e37d51 /lib/libc/stdio
parent: 348b00703f43edaeb5efe0217f899d8ddd9f1e2d
Improve the explanation on the (in)security of mktemp(3).
Diffstat (limited to 'lib/libc/stdio')
-rw-r--r-- lib/libc/stdio/mktemp.3 9
1 files changed, 6 insertions, 3 deletions
diff --git a/lib/libc/stdio/mktemp.3 b/lib/libc/stdio/mktemp.3
index d78d67c..9b92d4a 100644
--- a/lib/libc/stdio/mktemp.3
+++ b/lib/libc/stdio/mktemp.3
@@ -186,9 +186,12 @@ See
.Xr gcc 1
for more information.
.Sh BUGS
-An attacker can guess the filenames produced by
-.Fn mktemp .
-Whenever it is possible
+This family of functions produces filenames which can be guessed.
+This makes the race in
+.Fn mktemp ,
+between testing for a file's existence and opening it for use,
+particularly dangerous from a security perspective.
+Whenever it is possible,
.Fn mkstemp
should be used instead.
.Sh SEE ALSO
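Review bot: The new opening sentence of BUGS says the whole family produces guessable filenames, which covers mkstemp as well, but the closing sentence still recommends mkstemp without saying why it is not exposed to the same problem. Suggest adding a clause that mkstemp creates and opens the file itself, so the window "between testing for a file's existence and opening it for use" does not exist there; without that, a reader can take the first and last sentences as contradicting each other. Separately, "particularly dangerous from a security perspective" would be clearer if it named the consequence, namely that another user can create the guessed name first, so the caller ends up opening a file it did not create.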