<div dir="ltr"><div class="gmail_quote">On Tue, Oct 5, 2010 at 17:30, Sven Barth <span dir="ltr"><<a href="mailto:pascaldragon@googlemail.com">pascaldragon@googlemail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;">
Am 05.10.2010 17:20, schrieb Leonardo M. Ramé:<div class="im"><br>
<blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;">
Hi, if I run this program from command line in Linux, I allways get the same result, "/tmp/TMP00000.tmp". Shouldn't it return a different file name each time it's executed?.<br>
<br>
How can I get different file names?<br>
<br>
program tempfilename;<br>
uses<br>
sysutils;<br>
begin<br>
writeln(GetTempFileName);<br>
end.<br>
</blockquote>
<br></div>
Did you delete the file after the run of your program? GetTempFileName always starts from 0 and checks whether that file already exists. If not, it returns that name else it continues increasing the index.<br></blockquote>
<div><br><br>That's a security risk, because it is very easy to know what will be the file name. It should return random name that does not exists on a random length (that the developer chooses).<br><br>Symlink attack: <a href="http://www.infosecwriters.com/texts.php?op=display&id=159">http://www.infosecwriters.com/texts.php?op=display&id=159</a> for better understanding.<br>
</div><blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;">
<br>
Regards,<br><font color="#888888">
Sven</font><div><div></div><div class="h5"><br>
_______________________________________________<br>
fpc-pascal maillist - <a href="mailto:fpc-pascal@lists.freepascal.org" target="_blank">fpc-pascal@lists.freepascal.org</a><br>
<a href="http://lists.freepascal.org/mailman/listinfo/fpc-pascal" target="_blank">http://lists.freepascal.org/mailman/listinfo/fpc-pascal</a><br>
</div></div></blockquote></div><br><br>Ido<br></div>