[Python-Dev] Ext4 data loss
Zvezdan Petkovic
zvezdan at zope.com
Fri Mar 13 15:09:27 CET 2009
On Mar 12, 2009, at 3:15 PM, Martin v. Löwis wrote:
> You still wouldn't use the tempfile module in that case. Instead, you
> would create a regular file, with the name base on the name of the
> important file.
If the file is *really* important, you actually want to use a
temporary, randomly chosen, *unpredictable* name.
Think about the security implications of a file name that is in
advance known to an attacker as well as the fact that the said file
will replace an *important* system file.
See the details in any man page on mkstemp() and why it was introduced
to replace a predictable mktemp(). Also notice that even mktemp() is
better then what you proposed above.
Of course, the above are C functions. I don't think that Python
programming is immune from such security considerations either.
Zvezdan
More information about the Python-Dev
mailing list