Question on os.tempnam() vulnerability
jzgoda at o2.usun.pl
Sat Jan 5 12:41:54 CET 2008
Grant Edwards wrote:
>> You get a name instead of a file, so someone else can create that file
>> after you've called tempnam/tmpnam, but before you've actually gotten
>> around to creating the file yourself, which means that anyone on the
>> machine might be able to mess with your application's data.
>> Use the functions marked as "safe" in the tempfile module instead.
> Under Windows, is there a "safe" way to create a temp file that
> has a name that can be passed to a program which will then open
> it? I never figured out a way to do that and had to fall back
> on the "unsafe" tmpnam method.
I think it's impossible to get only a file name and feel safe. You
have to have both file name and a file object opened exclusively for
you. Any other way you'll get a possible race condition.
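
The race discussed in this thread, as an added example that is not part of the original messages: the first function shows that a plain open cannot detect a file someone else created under the chosen name while an exclusive create can, and the second returns a name only after the file has been created exclusively. The function names, the `app-data.tmp` name and the `demo-` prefix are assumptions made for illustration.

```python
import os
import shutil
import tempfile

def name_then_create_race(workdir):
    """Constructed scenario: the name is chosen first, the file created later."""
    name = os.path.join(workdir, "app-data.tmp")  # name-only step, as with tempnam
    with open(name, "w") as other:                # someone else creates it first
        other.write("not yours")
    # A plain open() succeeds and cannot tell the file was already there.
    with open(name, "a"):
        plain_open_noticed = False
    # O_CREAT | O_EXCL makes the create fail if the name is already taken.
    try:
        os.close(os.open(name, os.O_RDWR | os.O_CREAT | os.O_EXCL, 0o600))
        exclusive_noticed = False
    except FileExistsError:
        exclusive_noticed = True
    return plain_open_noticed, exclusive_noticed

def make_temp_for_child(data):
    """Return (directory, path) of a file created exclusively by this process."""
    private_dir = tempfile.mkdtemp(prefix="demo-")   # private directory
    # mkstemp returns both an open descriptor and the name in one step.
    fd, path = tempfile.mkstemp(dir=private_dir, suffix=".dat")
    with os.fdopen(fd, "wb") as f:                   # write, then close
        f.write(data)
    return private_dir, path                         # name can now be handed on

if __name__ == "__main__":
    scratch = tempfile.mkdtemp()
    print(name_then_create_race(scratch))
    d, p = make_temp_for_child(b"hello")
    print(p)
    shutil.rmtree(scratch)
    shutil.rmtree(d)
```
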