Hi, I've discovered that mod_curb (ports/www/mod_curb) uses a ridiculously unsafe method to access a file in /tmp: file mod_curb.c, line 42: log = fopen( "/tmp/modcurb.log","a" ); The same issue exists in other software written by this author, but fortunately there's nothing more of it in ports. :) -- Jan Srzednicki w at expro.pl