[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: creating temporary files in a secure way

From: Paul Eggert
Subject: Re: creating temporary files in a secure way
Date: Fri, 04 Feb 2005 16:16:12 -0800
User-agent: Gnus/5.1006 (Gnus v5.10.6) Emacs/21.3 (gnu/linux)

Bruno Haible <address@hidden> writes:

> I think it's worth describing how to portably create a temporary
> file.

Thanks for this suggestion.  I altered the change a bit and installed

2005-02-04  Bruno Haible <address@hidden>
        and Paul Eggert  <address@hidden>

        * doc/autoconf.texi (Limitations of Usual Tools): New mkstemp entry.

--- autoconf.texi       3 Feb 2005 00:31:33 -0000       1.873
+++ autoconf.texi       5 Feb 2005 00:11:43 -0000       1.874
@@ -11819,6 +11819,35 @@ recent enough (the copies shipped with A
 older versions are not thread-safe either).
address@hidden @command{mktemp}
address@hidden -------------------
address@hidden @command{mktemp}
address@hidden Creating temporary files
+The command @command{mktemp} lets shell scripts use temporary files
+safely, but it does not exist on all systems.  A portable way to create
+a safe temporary file name is to create a temporary directory with mode
+700 and use a file inside this directory.
+Here is sample code to create a new temporary directory safely
+under @code{$TMPDIR}, with the default location being @file{/tmp}:
+: address@hidden/address@hidden
+  # Prefer mktemp if it exists, as it is more reliable.
+  tmp=`
+    (umask 077 && mktemp -d "$TMPDIR/fooXXXXXX") 2>/dev/null
+  ` &&
+  test -n "$tmp" && test -d "$tmp"
address@hidden ||
+  # Fall back on mkdir; $RANDOM makes collisions less likely.
+  tmp=$TMPDIR/foo$$-$RANDOM
+  (umask 077 && mkdir "$tmp")
address@hidden || exit $?
address@hidden example
 @item @command{mv}
 @c ---------------
 @prindex @command{mv}

reply via email to

[Prev in Thread] Current Thread [Next in Thread]