--- ./marc.c.orig	Tue Apr 14 18:59:21 1992
+++ ./marc.c	Wed Aug 11 10:22:31 1999
@@ -28,12 +28,17 @@
 #if	UNIX
 #include <sys/types.h>
 #include <sys/stat.h>
+#include <errno.h>
+#include <unistd.h>
+#include <string.h>
+#include <err.h>
 #endif
 
 #ifndef	__STDC__
 char *calloc(), *malloc(), *realloc(); /* memory managers */
 #endif
 VOID	arcdie();
+int move(),setstamp();
 static VOID expandlst(), merge();
 
 FILE *src;			       /* source archive */
@@ -50,7 +55,7 @@
     char *makefnam();		       /* filename fixup routine */
     char *envfind();
 #if	!_MTS
-    char *arctemp2, *mktemp();		/* temp file stuff */
+    char *arctemp2;		       /* temp file stuff */
 #endif
 #if	GEMDOS
     VOID exitpause();
@@ -114,8 +119,18 @@
 #endif
 #if	!MSDOS
 	{
-		static char tempname[] = "AXXXXXX";
-		strcat(arctemp, mktemp(tempname));
+		static char tempname[] = "AXXXXXX.arc";
+		int fd=-1;
+		strcat(arctemp, tempname);
+		if((fd = mkstemps(arctemp,4)) == -1 ||
+		   (new = fdopen(fd, "w+")) == NULL) {
+			if (fd != -1) {
+				unlink(arctemp);
+				close(fd);
+			}
+			err(1, "can't create temp file %s", arctemp);
+		}
+
 	}
 #else
 	strcat(arctemp, "$ARCTEMP");
@@ -148,8 +163,10 @@
     arc = fopen(arcname,OPEN_R);	       /* open the archives */
     if(!(src=fopen(srcname,OPEN_R)))
 	 arcdie("Cannot read source archive %s",srcname);
+#if !defined(__OpenBSD__) && !defined(__FreeBSD__) /* this is insecure, see mkstemp(3) */
     if(!(new=fopen(newname,OPEN_W)))
 	 arcdie("Cannot create new archive %s",newname);
+#endif
 
     if(!arc)
 	 printf("Creating new archive %s\n",arcname);
@@ -283,7 +300,7 @@
     else return 0;		       /* or fake end of archive */
 }
 
-copyfile(f,hdr,ver)		       /* copy a file from an archive */
+int copyfile(f,hdr,ver)		       /* copy a file from an archive */
 FILE *f;			       /* archive to copy from */
 struct heads *hdr;		       /* header data for file */
 int ver;			       /* header version */