tempfile.mktemp() and symlink attacks
Neil Schemenauer
nas at python.ca
Mon Nov 18 16:58:59 EST 2002
Aahz wrote:
> [I'm reposting this because nobody followed up to it. I tried doing
> some research because I know there have been changes for Python 2.3, but
> I wasn't able to find the relevant posts on python-dev.]
>
> In article <3ygu9.105734$La5.330766 at rwcrnsc52.ops.asp.att.net>,
> Kent Hu <kenthu at kenNOSPAMthu.net> wrote:
> >Is using tempfile.mktemp() vulnerable to symlink attacks?
Yes. mktemp() just gives you a name. Someone nasty could create a
symlink with that name before you. You should open the file using:

    os.open(name, os.O_RDWR|os.O_CREAT|os.O_EXCL, 0700)

tempfile.TemporaryFile already does this. 2.3 has a handy function
called mkstemp that returns a name and an open file descriptor.
HTH,
Neil
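
An added example, not part of the original post: it contrasts a plain open() on a pre-planted symlink with the O_CREAT|O_EXCL open and with mkstemp(). It assumes a POSIX system and Python 3 (hence 0o700 rather than 0700); the file names and the helper names open_exclusive and demo are constructed for illustration.

```python
import os
import tempfile

def open_exclusive(name):
    """Create name read/write; fail if anything (even a symlink) already has that name."""
    return os.open(name, os.O_RDWR | os.O_CREAT | os.O_EXCL, 0o700)

def demo():
    results = {}
    # Everything happens inside a private scratch directory.
    with tempfile.TemporaryDirectory() as workdir:
        # Constructed stand-in for a file the symlink points at.
        target = os.path.join(workdir, "victim.txt")
        with open(target, "w") as f:
            f.write("original")
        # Constructed stand-in for a name handed back by mktemp().
        name = os.path.join(workdir, "predictable.tmp")
        # The name is taken by a symlink between "pick name" and "open".
        os.symlink(target, name)

        # Plain open() follows the symlink and overwrites the target.
        with open(name, "w") as f:
            f.write("temp data")
        with open(target) as f:
            results["naive_clobbered_target"] = f.read() == "temp data"

        # O_CREAT|O_EXCL refuses because the name already exists.
        try:
            os.close(open_exclusive(name))
            results["excl_refused"] = False
        except FileExistsError:
            results["excl_refused"] = True

        # mkstemp() picks the name and opens it exclusively in one step.
        fd, path = tempfile.mkstemp(dir=workdir)
        try:
            results["mkstemp_mode"] = os.fstat(fd).st_mode & 0o777
            results["mkstemp_is_symlink"] = os.path.islink(path)
        finally:
            os.close(fd)
            os.unlink(path)
    return results

if __name__ == "__main__":
    print(demo())
```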