[fpc-pascal] GetTempFileName in Linux

Jonathan winelauncher.jonathan at googlemail.com
Wed Oct 6 23:57:51 CEST 2010


On Wed, 6 Oct 2010 09:41:03 +0200 (CEST)
Michael Van Canneyt <michael at freepascal.org> wrote:

> I'm open for some more sophisticated algorithm which does some more checking.
> 
> Michael.

Honour one of the temp directory environment variables, I know of TMPDIR, TEMP, TMP. I think it would be best to check them in order and then default to /tmp/.
Create a folder in the temp directory naming it after the user name. E.g /tmp/myusername/
Ensure only the owner can read and write in the folder.
Create a folder in "/tmp/myusername/" using your program name.
Then create your temp file. so you have "/tmp/myusername/programname/tmp01"

You should only need to check for symlinks, hardlinks and read/write rights on the "/tmp/myusername" folder.

What is the cost? 
 Two more inodes
 More cpu time
What do you get?
 It hides the file's names
 Good layout
 Easier  to use Tomoyo and Apparmour.



On Wed, 06 Oct 2010 09:40:42 +0200
Sven Barth <pascaldragon at googlemail.com> wrote:

>Windows (or at least ReactOS) seems to use GetTickCount to generate a 
>random filename: 
Do not you use random file names without a subdirectory because you can not use Tomoyo or Apparmour to lock the program down.

I use this trick with Firefox.
From my .bashrc file
 mkdir /tmp/$USER >> /dev/null 2>&1
 chmod u=rwx,g=rwx,o-rwx /tmp/$USER >> /dev/null 2>&1
 export TMPDIR="/tmp/$USER" >> /dev/null 2>&1

#!/bin/sh
mkdir $TMPDIR/firefox/
env TMPDIR=$TMPDIR/firefox /usr/bin/firefox $@

From my Tomoyo profile:
 allow_read/write /tmp/\*/firefox/\*
 allow_rename /tmp/\*/firefox/\* /tmp/\*/firefox/\*
 allow_rename /tmp/\*/firefox/\*.part /home/\*/Downloads/\*
 allow_truncate /tmp/\*/firefox/\*
 allow_unlink /tmp/\*/firefox/\*

Since there is no way to predict what the file name will be, permissions have to be done on a per folder basis, not per file.



More information about the fpc-pascal mailing list