warnings on compile

Jeremy Allison jeremy at valinux.com
Thu Dec 14 18:03:37 GMT 2000

"Klein, Christopher" wrote:
>         Hi there, I am trying to install samba on an ftp server running
> freebsd 4.1 I am getting the following warning repeated many times on the
> initial make (I did run the configure step first, and I consulted the
> appropriate readme documents)
>         Warning: mktemp() possibly used unsafely; consider using mkstemp
>         As the security on microsoft products are suspect at best, I do not
> want to add to the insecurity of the network by adding insecure binaries on
> the unix platform if it can be avoided. Is there some kind of switch or
> other modification that will allow the compile to use mkstemp() and not
> generate this message. any other suggestions

The warning is wrong. mktemp is being used securely in Samba.

Every use of the generated filename uses the O_EXCL flag,
which prevents /tmp races.

mkstemp doesn't do what we need here, as it returns a file
descriptor which is not what we want - we want a filename
that is *potentially* unique. We take care of the security
issue ourselves.


	Jeremy Allison,
	Samba Team.

Buying an operating system without source is like buying
a self-assembly Space Shuttle with no instructions.

More information about the samba-technical mailing list