henry (05/18/82)
As several people have pointed out, it's better to use umask rather than chmod -- no timing windows and it's arguably a bit cleaner. Although there is also a problem with the bad guys precreating the file (especially since sort's file usage tends to be predictable), the business of fstatting it to check its ownership is a bit ugly; better would be the solution available in 3.0 (a mode to creat/open which guarantees failure if the file already exists). This is not a big worry with me, although it might be at places with more active snoopers. Such places should also consider the mod several people have made which uses the sticky bit on a directory to mean "can't unlink files you don't own".
dan (05/19/82)
References: utzoo.2051 A "secure" sort program would not create tempfiles in a publicly writable directory.