[Python-Dev] Remove tempfile.mktemp()
Anders Munch
ajm at flonidan.dk
Wed Mar 20 04:47:53 EDT 2019
Greg Ewing:
> So use NamedTemporaryFile(delete = False) and close it before passing it to the other program.
That's effectively the same as calling tempfile.mktemp. While it does waste time opening and closing an unused file, that doesn't help with security. If anything, it might worsen security.
If a secure implementation of mktemp is truly impossible, then the same could be said for NamedTemperatoryFile(delete=False). Should that be deprecated as well?
regards, Anders
More information about the Python-Dev
mailing list