Differences between revisions 2 and 3
Revision 2 as of 2007-07-24 18:54:13
Size: 1044
Editor: client-86-27-236-218
Comment:
Revision 3 as of 2007-07-24 20:12:18
Size: 1280
Editor: GreyCat
Comment: comment added. looks promising at first glance.
Deletions are marked like this. Additions are marked like this.
Line 21: Line 21:

 ''Hmmm... this has potential, if you check the exit status of `mkdir` to be sure it actually created the directory. And set `umask` to something fairly restrictive as well. It could use some more peer review, though. -- GreyCat''

Anchor(faq62)

How do I create a temporary file in a secure manner?

Good question. To be filled in later. (Interim hints: tempfile is not portable. mktemp exists more widely, but it may require a -c switch to create the file in advance; or it may create the file by default and barf if -c is supplied. There does not appear to be any single command that simply works everywhere, without testing various arguments.)

Suggestion (remove if not universal): A temporary file/directory can be created that is unlikely to match that of an existing file/directory using the RANDOM environmental variable as follows: 

   TEMP_DIR=/tmp/$RANDOM
   mkdir $TEMP_DIR

This will make a directory of the form: /tmp/20445/. To decrease the chance of collision with an existing file, the RANDOM variable can be used a number of times: 

   TEMP_DIR=/tmp/$RANDOM-$RANDOM-$RANDOM
   mkdir $TEMP_DIR

This will make a directory of the form: /tmp/24953-2875-2182/

  • Hmmm... this has potential, if you check the exit status of mkdir to be sure it actually created the directory. And set umask to something fairly restrictive as well. It could use some more peer review, though. -- GreyCat

BashFAQ/062 (last edited 2023-04-28 01:07:11 by larryv)