Open history files with a restrictive mode (user read/write only).
Do not read/write history files in '.' if $HOME is not set.

Apply by doing:
	cd /usr/src
	patch -p0 < 040_readline.patch

And rebuild binutils by doing:
	cd /usr/src/gnu/usr.bin/binutils
	make -f Makefile.bsd-wrapper obj
	make -f Makefile.bsd-wrapper depend
	make -f Makefile.bsd-wrapper 
	make -f Makefile.bsd-wrapper install

Index: gnu/usr.bin/binutils/readline/history.c
===================================================================
RCS file: /cvs/src/gnu/usr.bin/binutils/readline/history.c,v
retrieving revision 1.2
diff -u -r1.2 history.c
--- gnu/usr.bin/binutils/readline/history.c	1996/11/23 03:53:32	1.2
+++ gnu/usr.bin/binutils/readline/history.c	2001/03/18 01:17:12
@@ -464,7 +464,7 @@
       home = getenv ("HOME");
 
       if (!home)
-	home = ".";
+	return (NULL);
 
       return_val = (char *)xmalloc (2 + strlen (home) + strlen (".history"));
 
@@ -499,8 +499,10 @@
   int file, current_line;
   struct stat finfo;
 
-  input = history_filename (filename);
-  file = open (input, O_RDONLY, 0666);
+  if ((input = history_filename (filename)))
+    file = open (input, O_RDONLY, 0666);
+  else
+    file = -1;
 
   if ((file < 0) ||
       (stat (input, &finfo) == -1))
@@ -584,7 +586,7 @@
   struct stat finfo;
 
   filename = history_filename (fname);
-  if (stat (filename, &finfo) == -1)
+  if (!filename || stat (filename, &finfo) == -1)
     goto truncate_exit;
 
   file = open (filename, O_RDONLY, 0666);
@@ -621,7 +623,7 @@
 	break;
       }
 
-  file = open (filename, O_WRONLY | O_TRUNC | O_CREAT, 0666);
+  file = open (filename, O_WRONLY | O_TRUNC | O_CREAT, 0600);
   if (file == -1)
     goto truncate_exit;
 
@@ -656,7 +658,7 @@
   else
     mode = O_WRONLY | O_APPEND;
 
-  if ((file = open (output, mode, 0666)) == -1)
+  if (!output || (file = open (output, mode, 0600)) == -1)
     {
       if (output)
 	free (output);