Warnings under OpenBSD

Andrew Tridgell tridge at samba.org
Tue Jun 8 12:49:39 GMT 1999


> The attitude is one of "if you don't understand it, don't ask the
> question."

pity

> The mktemp() replacement mkstemp() removes the race condition by
> returning you a file handle rather than a file name to then open().

which is no good for the way we use mktemp() in Samba. We *need* the
filename as it gets passed back to the client so we need a real file,
not a handle pointing at an unlinked file. We use mktemp() safely by
including the O_EXCL bit in the open. 

unfortunately these sorts of "dumb programmer detection" systems don't
detect when someone is using an oft-abused function correctly, so they
spit out warnings, which means our mailboxes fill up with people
telling us that we have a security hole.

it's tempting to write our own mktemp() just to avoid these damn
emails, it just seems so stupid as what we need is exactly what
mktemp() gives, and I hate coding around idiotic warnings.

> > lib/util_sec.o: warning: this program uses setregid(), which is deprecated.

does the man page say what the preferred alternative to setregid() is
for OpenBSD?

the irony is that we started using setregid() when available because
other OSes deprecated the use of setegid() and instead encouraged
setregid().
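
The mktemp()-plus-O_EXCL pattern discussed in the message above, as an added example that is not part of the original post and is not Samba's code. The helper names, the /tmp paths and the retry limit of 16 are assumptions made for illustration.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE 1          /* expose mktemp() in libc headers */
#endif
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Hypothetical helper: derive a unique name from tmpl, create that file
 * exclusively, return the open fd and leave the real filename in path. */
int create_named_temp(const char *tmpl, char *path, size_t len)
{
    if (strlen(tmpl) >= len) { errno = ENAMETOOLONG; return -1; }
    for (int attempt = 0; attempt < 16; attempt++) {
        strcpy(path, tmpl);
        /* glibc signals failure with an empty string, BSD with NULL */
        if (mktemp(path) == NULL || path[0] == '\0') return -1;
        /* O_CREAT|O_EXCL fails with EEXIST if anything already exists at
         * this name, including a symlink (even a dangling one). */
        int fd = open(path, O_RDWR | O_CREAT | O_EXCL, 0600);
        if (fd >= 0) return fd;
        if (errno != EEXIST) return -1;
        /* someone else created the name first: generate another one */
    }
    return -1;
}

/* Constructed check: plant a symlink at the generated name, as a process
 * that won the race would, and confirm the exclusive open refuses it.
 * Returns 1 if refused, 0 if the open went through, -1 on setup error. */
int exclusive_open_refuses_symlink(void)
{
    char name[] = "/tmp/excl_demo_XXXXXX";
    if (mktemp(name) == NULL || name[0] == '\0') return -1;
    if (symlink("/tmp/excl_demo_missing_target", name) != 0) return -1;
    int fd = open(name, O_RDWR | O_CREAT | O_EXCL, 0600);
    int refused = (fd < 0 && errno == EEXIST);
    if (fd >= 0) close(fd);
    unlink(name);
    return refused;
}

int main(void)
{
    char path[64];
    int fd = create_named_temp("/tmp/smbdemo_XXXXXX", path, sizeof path);
    if (fd >= 0) { printf("created %s\n", path); close(fd); unlink(path); }
    printf("symlink refused: %d\n", exclusive_open_refuses_symlink());
    return 0;
}
```

Linking this on OpenBSD or glibc still prints the mktemp() warning, since the toolchain flags the symbol and cannot see the flags passed to open().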

