On Fri, 25 Aug 1995, Darren Reed wrote: > People designing setuid-root programs or programs in general which perform > priviledged operations and need temporary files should consider using a > non-public access directory as the temp. file location. What about using the tempnam() call? Maybe it's not available on all platforms although it is on AIX, SCO and HP-UX, so I'd have thought it would be. Do you feel that the randomness of the filenames this returns is not random enough? Or is it that the very nature of a file that the world can get at is the security threat, no matter what permissions are in existence. I'd have thought that having /tmp mode 1777, using tempnam() to get the file name, and creating this file in mode 0600 would be sufficient. Dave Roberts | "Just paddling out into big surf is a total Unix Systems Administrator | commitment" * "You can't just call time-out and SAA Consultants Ltd | stroll on back to the beach if you don't like Plymouth, UK <EDI Services> | the way things are going" - Point Break