Remove usage of tempfile.mktemp in stdlib #86444
Comments
|
Currently, there are many uses of Lib/asyncio/windows_utils.py:34: address = tempfile.mktemp(
Lib/distutils/command/bdist_wininst.py:185: archive_basename = mktemp()
Lib/distutils/util.py:386: (script_fd, script_name) = None, mktemp(".py")
Lib/msilib/__init__.py:214: filename = mktemp()
Lib/multiprocessing/connection.py:81: return tempfile.mktemp(prefix='listener-', dir=util.get_temp_dir())
Lib/multiprocessing/connection.py:83: return tempfile.mktemp(prefix=r'\.\pipe\pyc-%d-%d-' %
Lib/pydoc.py:1620: filename = tempfile.mktemp()
Lib/test/bisect_cmd.py:75: tmp = tempfile.mktemp()
Lib/test/test_bytes.py:1193: tfn = tempfile.mktemp()
Lib/test/test_contextlib.py:316: tfn = tempfile.mktemp()
Lib/test/test_doctest.py:2724: >>> fn = tempfile.mktemp()
Lib/test/test_doctest.py:2734: >>> fn = tempfile.mktemp()
Lib/test/test_doctest.py:2744: >>> fn = tempfile.mktemp()
Lib/test/test_faulthandler.py:51: filename = tempfile.mktemp()
Lib/test/test_shutil.py:1624: filename = tempfile.mktemp(dir=dirname)
Lib/test/test_shutil.py:1935: dst_dir = tempfile.mktemp(dir=self.mkdtemp())
Lib/test/test_shutil.py:2309: name = tempfile.mktemp(dir=os.getcwd())
Lib/test/test_shutil.py:272: filename = tempfile.mktemp(dir=self.mkdtemp())
Lib/test/test_shutil.py:677: dst = tempfile.mktemp(dir=self.mkdtemp())
Lib/test/test_socket.py:699: path = tempfile.mktemp(dir=self.dir_path)
Lib/test/test_socketserver.py:100: fn = tempfile.mktemp(prefix='unix_socket.', dir=dir)I am hoping this issue will be spotted as I couldn't find who to add to the nosy for this. I think, bearing in mind that use of this method is a security issue, we should reduce this number as low as feasible (though, I am sure that a number of those will have good reasons for using mktemp, and will be doing so in a safe way). |
E-Paine
mannequin
added
3.7 (EOL)
|
Most of them are in tests. There is no security issue there, also the code may be clearer and more reliable if use helper function test.support.temp_dir(). And most of the rest are in Windows specific code. Some Windows code may not work if you hold open file descriptor, so we should ensure that that code is tested. |
|
Yeah, once tests are excluded and the (deprecated or nearly deprecated) distutils and msilib are dropped, the problems are pydoc (which looks non-exploitable) and anywhere we need to generate a named pipe. Both cases where named pipes are being created are as safe as the OS allows, so it's really just pydoc that might deserve a fix. (For reference, it's in the variation of help() that writes the docstring to a file and triggers the equivalent of "type <file> | more" or "cat <file> | less", which is already only useful in an interactive shell.) So I'd suggest it's already as low as possible, but if someone wants to fix pydoc (and encourage the SC to approve PEP-594 and PEP-632 so we don't have to worry about msilib or distutils) then they can feel free. |
I am currently drafting a PR which will replace it with |
|
Just left a blocking review on the PR - I don't want to rely on the shell being able to use an already open file. There's at least one other issue about making NamedTemporaryFile work for this case. Once that is done, this can be made to work. |
|
Distutils is now deprecated (see PEP-632) and all tagged issues are being closed. From now until removal, only release blocking issues will be considered for distutils. If this issue does not relate to distutils, please remove the component and reopen it. If you believe it still requires a fix, most likely the issue should be re-reported at https://github.com/pypa/setuptools |
|
Thanks, E. Paine! ✨ 🍰 ✨ |
Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.
Show more details
GitHub fields:
bugs.python.org fields:
The text was updated successfully, but these errors were encountered: