From: Vladimir Prus (ghost_at_[hidden])
Date: 2004-07-20 07:02:20
Jonathan Wakely wrote:
>> No, using mkstemp this way is no different than using tmpnam. Even if
>> the file is already open, there is no reason for it to still be linked
>> in the directory. So you may end up with a different file, and chaos
> Isn't that a bit too general?
I think it is.
> If the file is in a directory that is only writeable to you then only
> the superuser can unlink it, and if you don't trust root you've got far
> bigger problems than this.
> If you can ensure the files are created in a directory that is not group-
> or world-writeable, or in a directory that has the sticky bit set, then
> isn't it (relatively) safe to use:
> char filename[] = "DIR/tmp.XXXXXX";
> const int fd = mkstemp(filename);
> if (fd == -1)
>     throw ...;
> std::fstream f(filename);
> It's certainly better than predictable names in predictable directories,
Actually, on Unix it is safe to just use
char filename[] = "/tmp/tmp.XXXXXX";
const int fd = mkstemp(filename);
because if /tmp does not exist, or does not have the sticky bit, the system is
in trouble already. And I'm not sure it's even possible to have "/" not
owned by root.
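
An added example, not part of the original message or of Boost: C code for the directory condition discussed above (not group- or world-writable, or sticky) plus a check that the name returned by mkstemp still refers to the file open on the descriptor. The function names dir_is_safe, same_file and safe_mkstemp are hypothetical, and only the directory itself is examined, not its parents.

```c
#define _XOPEN_SOURCE 700   /* expose mkstemp, lstat, fdopen, S_ISVTX */
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* 1 if dir is owned by root or us and is either not group/world-writable
   or has the sticky bit, so other users cannot unlink or rename our entries. */
int dir_is_safe(const char *dir)
{
    struct stat st;
    if (stat(dir, &st) != 0 || !S_ISDIR(st.st_mode))
        return 0;
    if (st.st_uid != 0 && st.st_uid != geteuid())
        return 0;
    if ((st.st_mode & (S_IWGRP | S_IWOTH)) && !(st.st_mode & S_ISVTX))
        return 0;
    return 1;
}

/* 1 if path still names the file that is open on fd (same device and inode). */
int same_file(int fd, const char *path)
{
    struct stat a, b;
    if (fstat(fd, &a) != 0 || lstat(path, &b) != 0)
        return 0;
    return a.st_dev == b.st_dev && a.st_ino == b.st_ino;
}

/* Create DIR/tmp.XXXXXX only if DIR passes the check; returns fd or -1. */
int safe_mkstemp(const char *dir, char *path, size_t len)
{
    if (!dir_is_safe(dir))
        return -1;
    if ((size_t)snprintf(path, len, "%s/tmp.XXXXXX", dir) >= len)
        return -1;
    return mkstemp(path);   /* rewrites the XXXXXX in place, so path must be writable */
}

int main(void)
{
    char path[4096];
    int fd = safe_mkstemp("/tmp", path, sizeof path);
    if (fd == -1) { perror("safe_mkstemp"); return 1; }
    FILE *f = fdopen(fd, "w+");   /* reuse the descriptor, no second open by name */
    if (!f) { close(fd); unlink(path); return 1; }
    printf("%s still names our file: %d\n", path, same_file(fd, path));
    unlink(path);
    fclose(f);
    return 0;
}
```

Code that has to reopen the file by name, as the std::fstream snippet does, can call same_file on the original descriptor afterwards to detect that the name was replaced in between.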