From bf4ea3aa0d6dbae1deda3f2e95d4ed3c77866ef7 Mon Sep 17 00:00:00 2001
From: green <green@FreeBSD.org>
Date: Fri, 20 Feb 2004 04:08:28 +0000
Subject: Document dependence of mktemp(3) on the non-reentrant arc4random(3).

---
 lib/libc/stdio/mktemp.3 | 7 +++++++
 1 file changed, 7 insertions(+)

(limited to 'lib')

diff --git a/lib/libc/stdio/mktemp.3 b/lib/libc/stdio/mktemp.3
index e875a03..432d0de 100644
--- a/lib/libc/stdio/mktemp.3
+++ b/lib/libc/stdio/mktemp.3
@@ -219,6 +219,13 @@ and the return status of the call should be tested for failure.
 This will ensure that the program does not continue blindly
 in the event that an attacker has already created the file
 with the intention of manipulating or reading its contents.
+.Pp
+The implementation of these functions calls
+.Xr arc4random 3 ,
+which is not reentrant.
+You must provide your own locking around this and other consumers of the
+.Xr arc4random 3
+API.
 .Sh SEE ALSO
 .Xr chmod 2 ,
 .Xr getpid 2 ,
-- 
cgit v1.1