=================================================================== RCS file: /cvsrepo/anoncvs/cvs/www/Attic/porting.html,v retrieving revision 1.16 retrieving revision 1.17 diff -u -r1.16 -r1.17 --- www/Attic/porting.html 1998/12/21 21:48:41 1.16 +++ www/Attic/porting.html 1999/01/31 23:29:28 1.17 @@ -95,7 +95,7 @@ strcat/strcpy/strcmp/sprintf. In general, sprintf should be replaced with snprintf. -
  • Never use filenames insteaad of true security. There are numerous race +
  • Never use filenames instead of true security. There are numerous race conditions where you don't have proper control. For instance, an attacker who already has user privileges on your machines may replace files in /tmp with symbolic links to more strategic files, such as @@ -111,7 +111,7 @@ O_CREAT|O_EXCLUDE and fdopen instead.
  • Another very common problem is the mktemp - function. Head the warnings of the bsd linker about its uses. + function. Heed the warnings of the bsd linker about its uses. These must be fixed. This is not quite as simple as s/mktemp/mkstemp/g.
    Refer to the mktemp(3) man page of OpenBSD current @@ -206,7 +206,7 @@ historic comments, stating when a particular feature was incorporated into BSD. Checking the numeric value of BSD against known releases is often the right way. See - the NetBSD package guide + the NetBSD package guide for more information.
  • Defining BSD is a bad idea. Try to include sys/param.h. This not only defines BSD, it also gives it a proper value. @@ -341,6 +341,6 @@
    OpenBSD www@openbsd.org -
    $OpenBSD: porting.html,v 1.16 1998/12/21 21:48:41 espie Exp $ +
    $OpenBSD: porting.html,v 1.17 1999/01/31 23:29:28 espie Exp $