ThePath - Convenient lib to deal with paths and files. (Alpha version)
Dmytro Katyukha
firemage.dima at gmail.com
Thu Jan 19 09:38:09 UTC 2023
On Tuesday, 17 January 2023 at 23:12:26 UTC, H. S. Teoh wrote:
> On Sun, Jan 15, 2023 at 01:53:51PM +0000, Dmytro Katyukha via
> Digitalmars-d-announce wrote: [...]
>> [...]
>
> Yes it would be nice. But there may be security implications.
> For Posix, I see you use mkdtemp, which is secured by the OS /
> libc implementor. But for non-Posix, you used std.random; this
> is insecure because std.random is not intended for
> cryptographic applications, and anything not designed for
> crytographic security is vulnerable to exploits. Also, you
> need to be careful with the default permissions with the temp
> directory is created; leaving it up to whatever's set in the
> user's environment is generally unwise.
>
> [...]
Hi,
Thank you for your feedback)
More information about the Digitalmars-d-announce
mailing list