[fpc-pascal] GetTempFileName in Linux
Jonas Maebe
jonas.maebe at elis.ugent.be
Wed Oct 6 11:15:50 CEST 2010
On 06 Oct 2010, at 11:05, Michael Van Canneyt wrote:
> On Wed, 6 Oct 2010, Jonas Maebe wrote:
>
>> On 06 Oct 2010, at 09:41, Michael Van Canneyt wrote:
>>
>>> This is always true on Unix, the only way to make sure is to have
>>> the kernel
>>> create the temporary name and file for you. Unix - to my knowledge
>>> - does not have a way to create and lock a file in one atomic
>>> operation; There are
>>> always 2 operations involved, and so anything can happen between
>>> the 2
>>> calls.
>>
>> You can at least open a file with O_CREAT|O_EXCL|O_NOFOLLOW to make
>> sure that it does not yet exist at the point that you create it
>> (and that it's not a symlink either).
>
> This is correct, but doesn't lock the file,
Locking is always advisory on Unix, so that doesn't matter anyway.
> and so it doesn't prevent
> someone from 'stealing' the file before the lock is applied.
Nobody else can steal the file once you have created it, because they
won't be the owner nor have the necessary permissions. That is the
main security risk and it is solved by this approach. The fact that
another process running under your login not using O_EXCL could
overwrite it is not an extra security risk (if you have a rogue
process running under your login, nothing that you do is safe because
it can use ptrace to modify any process in any way it sees fit anyway).
Jonas
More information about the fpc-pascal
mailing list