On Thu, Feb 16, 2006 at 04:20:57PM +0000, Philip Hazel wrote:
> I don't like 777[*] because I might overlook something, thereby causing
> a disaster. 077 is probably OK, because Exim itself only relies on the
> owner field; the group field is often set for eximon etc, but not for
> Exim itself.
How about setting umask 077, creating an fopen wrapper which takes a
mode as well, and adding code to the testsuite that greps through the
code and raises an alarm whenever it finds an unwrapped fopen() call
outside the wrapper itself?
Greetings
Marc
--
-----------------------------------------------------------------------------
Marc Haber | "I don't trust Computers. They | Mailadresse im Header
Mannheim, Germany | lose things." Winona Ryder | Fon: *49 621 72739834
Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835
