[Python-Dev] Remove tempfile.mktemp()

Anders Munch ajm at flonidan.dk
Wed Mar 20 08:30:50 EDT 2019

Previous message (by thread): [Python-Dev] Remove tempfile.mktemp()
Next message (by thread): [Python-Dev] Remove tempfile.mktemp()
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Victor Stinner:
> To be clear: mktemp() is vulnerable by design

No: mktemp() is vulnerable by implementation.  Specifically, returning a file name in a world-accessible location, /tmp.

regards, Anders

Previous message (by thread): [Python-Dev] Remove tempfile.mktemp()
Next message (by thread): [Python-Dev] Remove tempfile.mktemp()
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Python-Dev mailing list