|
|
Log in / Subscribe / Register

Quotes of the week

Quotes of the week

Posted Jun 3, 2010 15:47 UTC (Thu) by RobSeace (subscriber, #4435)
In reply to: Quotes of the week by spender
Parent article: Quotes of the week

> This should be less common in C apps now that there are more secure
> functions available for the creation of temporary files, but it remains a
> problem for scripting languages (think echo "blah" >> $TMPDIR/test).

Shell scripts, at least, have no excuse anymore, either: they can just use /bin/mktemp...

to post comments

Quotes of the week

Posted Jun 3, 2010 17:22 UTC (Thu) by spender (guest, #23067) [Link]

True, they have no excuse, but just judging from recent CVEs and a realistic sense of the context in which scripts are often written (joe sysadmin), there's a higher incidence of them not doing things correctly.

At the end of the day though, I'd just rather not get owned than explain how I got owned because <insert person> had no excuse for the way his code/script was written.

-Brad


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds