[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: creating temporary files in a secure way
|
From: |
Paul Eggert |
|
Subject: |
Re: creating temporary files in a secure way |
|
Date: |
Fri, 04 Feb 2005 16:16:12 -0800 |
|
User-agent: |
Gnus/5.1006 (Gnus v5.10.6) Emacs/21.3 (gnu/linux) |
Bruno Haible <address@hidden> writes:
> I think it's worth describing how to portably create a temporary
> file.
Thanks for this suggestion. I altered the change a bit and installed
this:
2005-02-04 Bruno Haible <address@hidden>
and Paul Eggert <address@hidden>
* doc/autoconf.texi (Limitations of Usual Tools): New mkstemp entry.
--- autoconf.texi 3 Feb 2005 00:31:33 -0000 1.873
+++ autoconf.texi 5 Feb 2005 00:11:43 -0000 1.874
@@ -11819,6 +11819,35 @@ recent enough (the copies shipped with A
older versions are not thread-safe either).
address@hidden @command{mktemp}
address@hidden -------------------
address@hidden @command{mktemp}
address@hidden Creating temporary files
+The command @command{mktemp} lets shell scripts use temporary files
+safely, but it does not exist on all systems. A portable way to create
+a safe temporary file name is to create a temporary directory with mode
+700 and use a file inside this directory.
+
+Here is sample code to create a new temporary directory safely
+under @code{$TMPDIR}, with the default location being @file{/tmp}:
+
address@hidden
+: address@hidden/address@hidden
address@hidden
+ # Prefer mktemp if it exists, as it is more reliable.
+ tmp=`
+ (umask 077 && mktemp -d "$TMPDIR/fooXXXXXX") 2>/dev/null
+ ` &&
+ test -n "$tmp" && test -d "$tmp"
address@hidden ||
address@hidden
+ # Fall back on mkdir; $RANDOM makes collisions less likely.
+ tmp=$TMPDIR/foo$$-$RANDOM
+ (umask 077 && mkdir "$tmp")
address@hidden || exit $?
address@hidden example
+
+
@item @command{mv}
@c ---------------
@prindex @command{mv}
- Re: creating temporary files in a secure way,
Paul Eggert <=