John Machin wrote: > On 7/06/2006 3:57 PM, Dennis Lee Bieber wrote: > >>On Wed, 07 Jun 2006 09:56:13 +1000, John Machin <[EMAIL PROTECTED]> >>declaimed the following in comp.lang.python: >> >> >>>The dir, prefix and suffix parameters are passed to mkstemp(). >> >> <snip> >> >>>So I'd be thinking about using the (deprecated) mktemp() instead, >> >> I think you passed over the mkstemp() variation. Granted, it, too, >>returns an opened file, along with the full pathname of the file, but it >>requires the caller to handle eventual disposal of the file. >> >> Merely close the opened file; pass the pathname to the subprocess, >>await completion of subprocess, reopen the file for use in Python... >>Then at the end, close the file and use the pathname to delete the file >>from the system. > > > I passed over mkstemp() because (according to my reading of the manual), > mkstemp() requires an *extra* step (close the file), leaving the > situation then *exactly* the same as with mktemp() i.e. some pirate > process may molest the file before the caller's child process can open > the file. > Surely if you set permissions correctly on /tmp (sticky-but to require ownership for deletion) and you create your temporary file with sensible ownership and permissions then rogue processes without root privileges can't do anything bad to your files. Or am I wrong?
Of course if a rogue process has root privileges then all security bets are off anyway. regards Steve -- Steve Holden +44 150 684 7255 +1 800 494 3119 Holden Web LLC/Ltd http://www.holdenweb.com Love me, love my blog http://holdenweb.blogspot.com Recent Ramblings http://del.icio.us/steve.holden -- http://mail.python.org/mailman/listinfo/python-list
