[Date Prev][Date Next][Thread Prev][Thread Next]
[Date Index]
[Thread Index]
- Subject: Re: os.tmpname security risk?
- From: Steve Litt <slitt@...>
- Date: Wed, 13 Jul 2011 23:33:20 -0400
On Wednesday, July 13, 2011 09:54:44 PM Patrick Donnelly wrote:
> On Wed, Jul 13, 2011 at 9:47 PM, Steve Litt
<slitt@troubleshooters.com> wrote:
> >> Your file maker is not better. There is a race condition between
> >> the test to check for the existence of the desired file and the
> >> opening of the file for writing (which creates it).
> >>
> >> This is why Lua and everyone else uses mkstemp [1].
> >>
> >> [1]
> >> http://pubs.opengroup.org/onlinepubs/009695399/functions/mkstemp
> >> .h tml
> >
> > Cool! Where's the documentation on the Lua implementation of
> > mkstemp()?
>
> os.tmpname uses mkstemp. Look at the source.
os.tmpname() isn't exactly what I want. First, I have no control over
the filename, and I like that control for debugging and cleaning up
after ugly crashes. Also, os.tmpname()'s docs say it doesn't open the
file for write, except on Posix systems. And in fact, to get the file
handle to write, you need to do io.open(filename, "w"), which doesn't
give me a warm, fuzzy feeling. Under the circumstances, if I wanted
something better than my original code with the race condition, I'd
just make a C module, using mkstemp(template), to interface to Lua.
Thanks
Steve
Steve Litt
Author: The Key to Everyday Excellence
http://www.troubleshooters.com/bookstore/key_excellence.htm
Twitter: http://www.twitter.com/stevelitt