[New-bugs-announce] [issue21515] Use Linux O_TMPFILE flag in tempfile.TemporaryFile?

STINNER Victor report at bugs.python.org
Fri May 16 11:17:21 CEST 2014

New submission from STINNER Victor:

Linux 3.11 introduced a new file flag "O_TMPFILE". The flag is exposed in Python, see the issue #18673.

"O_TMPFILE is a new open(2)/openat(2) flag that makes easier the creation of secure temporary files. Files opened with the O_TMPFILE flag are created but they are not visible in the filesystem. And as soon as they are closed, they get deleted - just as a file you would have opened and unlinked."

Does it make sense to use this flag in tempfile.TemporaryFile?

Attached patch is a work-in-progress patch for tempfile.

> if hasattr(_os, 'O_TMPFILE'):
>     _O_TMPFILE = _os.O_TMPFILE
> elif _sys.platform == 'linux':
>     __O_TMPFILE = 0o20000000

The second if should be removed. I used it because my Linux kernel (3.14) supports the flag, but the constant is not defined yet in C headers of my C library (glibc 2.18).

> flags = (flags | _O_TMPFILE) & ~_os.O_CREAT

O_CREAT is incompatible with O_TMPFILE.

Bonus point of the flag: no need to compute a random name! Just pass the temporary directory.

To do: test the patch on Linux < 3.11 to see how the flag is interpreted. If the flag is ignored, we open the directory in write mode! That's insafe. If the flag raises an error, we should fallback to the current implementation and remember that the flag is not supported.

I implemented something similar for O_CLOEXEC and SOCK_CLOEXEC flags (PEP 433).

files: tempfile_o_tmpfile.patch
keywords: patch
messages: 218648
nosy: haypo, neologix
priority: normal
severity: normal
status: open
title: Use Linux O_TMPFILE flag in tempfile.TemporaryFile?
versions: Python 3.5
Added file: http://bugs.python.org/file35261/tempfile_o_tmpfile.patch

Python tracker <report at bugs.python.org>

More information about the New-bugs-announce mailing list