On Sat, Jul 2, 2011 at 12:29 PM, HyperHacker<hyperhacker@gmail.com> wrote:
But what stops someone from removing that file and creating their own,
or changing its permissions? It doesn't seem like this really
mitigates the risk at all.
As the Monty Python skit goes, 'Sheer luxury!'. os.tmpname() doesn't
even give you a suitable path to a temporary folder on Windows (you
would get something like '\s4n4.'). Not Lua's fault, of course, but
another example of the neglected wasteland known as the Windows C
run-time.
The version I use then is something like os.getenv('TMP')..os.tmpname().
steve d.