| version 1.16, 1998/12/21 21:48:41 |
version 1.17, 1999/01/31 23:29:28 |
|
|
| <code>strcat/strcpy/strcmp/sprintf</code>. In general, |
<code>strcat/strcpy/strcmp/sprintf</code>. In general, |
| <code>sprintf</code> should be replaced with <code>snprintf</code>. |
<code>sprintf</code> should be replaced with <code>snprintf</code>. |
| |
|
| <li>Never use filenames insteaad of true security. There are numerous race |
<li>Never use filenames instead of true security. There are numerous race |
| conditions where you don't have proper control. For instance, an attacker |
conditions where you don't have proper control. For instance, an attacker |
| who already has user privileges on your machines may replace files in |
who already has user privileges on your machines may replace files in |
| <code>/tmp</code> with symbolic links to more strategic files, such as |
<code>/tmp</code> with symbolic links to more strategic files, such as |
|
|
| <code>O_CREAT|O_EXCLUDE</code> and <code>fdopen</code> instead. |
<code>O_CREAT|O_EXCLUDE</code> and <code>fdopen</code> instead. |
| |
|
| <li>Another very common problem is the <code>mktemp</code> |
<li>Another very common problem is the <code>mktemp</code> |
| function. Head the warnings of the bsd linker about its uses. |
function. Heed the warnings of the bsd linker about its uses. |
| <strong>These must be fixed</strong>. |
<strong>These must be fixed</strong>. |
| This is not quite as simple as <code>s/mktemp/mkstemp/g</code>. <br> |
This is not quite as simple as <code>s/mktemp/mkstemp/g</code>. <br> |
| Refer to the <code>mktemp(3)</code> man page of OpenBSD current |
Refer to the <code>mktemp(3)</code> man page of OpenBSD current |
|
|
| historic comments, stating when a particular feature was incorporated |
historic comments, stating when a particular feature was incorporated |
| into BSD. Checking the numeric value of <code>BSD</code> against known |
into BSD. Checking the numeric value of <code>BSD</code> against known |
| releases is often the right way. See |
releases is often the right way. See |
| <a href="http://www.netbsd.org/Documentation/netbsd/Packages.txt">the NetBSD package guide</a> |
<a href="ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/Packages.txt">the NetBSD package guide</a> |
| for more information. |
for more information. |
| <li>Defining <code>BSD</code> is a bad idea. Try to include <code>sys/param.h</code>. |
<li>Defining <code>BSD</code> is a bad idea. Try to include <code>sys/param.h</code>. |
| This not only defines <code>BSD</code>, it also gives it a proper value. |
This not only defines <code>BSD</code>, it also gives it a proper value. |
![[BACK]](/icons/back.gif){kind=icon}
Return to porting.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www