rklogd.c:91:(Urgent) fprintf
Non-constant format strings can often be attacked.
Use a constant format string.
----------------
rklogd.c:324:(Urgent) printf
rklogd.c:325:(Urgent) printf
rklogd.c:326:(Urgent) printf
rklogd.c:327:(Urgent) printf
rklogd.c:328:(Urgent) printf
rklogd.c:411:(Urgent) printf
Non-constant format strings can often be attacked.
Use a constant format string.
----------------
rklogd.c:64:(Urgent) syslog
rklogd.c:385:(Urgent) syslog
Non-constant format strings can often be attacked.
Use a constant format string.
----------------
rklogd.c:341:(Very Risky) mkdir
Potential race condition on: PATH_VARRUN"rklogd"
Points of concern are:
rklogd.c:341: mkdir
rklogd.c:345: chown
Manipulate file descriptors, not symbolic names, when possible.
----------------
rklogd.c:165:(Risky) fchmod
Can lead to process/file interaction race conditions (TOCTOU category C)
Manipulate file descriptors, not symbolic names, when possible.
----------------
rklogd.c:144:(Risky) open
rklogd.c:161:(Risky) open
Can be involved in a race condition if you open things after a poor check. For
example, don't check to see if something is not a symbolic link before opening
it.  Open it, then check by querying the resulting object.  Don't run tests on
symbolic file names...
Perform all checks AFTER the open, and based on the returned object, not a
symbolic name.
----------------
rklogd.c:300:(Risky) openlog
Can lead to process/file interaction race conditions (TOCTOU category B)
Manipulate file descriptors, not symbolic names, when possible.
----------------
rklogd.c:349:(Risky) symlink
Can lead to process/file interaction race conditions (TOCTOU category A)
Manipulate file descriptors, not symbolic names, when possible.
----------------
rklogd.c:108:(Some risk) bcopy
At risk for buffer overflows.
Make sure that your buffer is really big enough to handle a max len string.
----------------
rklogd.c:302:(Some risk) getopt
Depending on the lib implementation, can be a buffer overflow problem.
Truncate all str inputs to a reasonable size before calling this.
----------------
rklogd.c:252:(Some risk) read
Be careful not to introduce a buffer overflow when using in a loop.
Make sure to check your buffer boundaries.
----------------
