nic(a)niss.ac.uk wrote on 19-April-2000: ->My brain hurts just reading this (well the Unix98 pty bit anyway). -> ->I thought I'd forward first and check later, since many of you will be ->able to verify any of these problems quicker than I can. 1. Improper permissions on slave PTYs Err, we don't support Unix98 ptys as far as I can tell, is that correct? 2. Unsafe creation of temporary files Stating-the-obvious. If FSF Emacs 21 has make-temp-file we could steal it. We do support the TMPDIR variable, though. cf. temp-directory. 3. Passwords are stored in the key history Oh please. If someone has physical access to your machine, it's game over anyway. If I've left Netscape running they can order millions of books too. There is at least one well known security expert on this list. Perhaps they (or anyone else) would like to comment on what, if anything we should patch. nic -- Dr N.J.Doye, Systems Programmer, NISS, PO Box 2674, Bath. BA2 7XY