Message260291
The security issues of `tempfile.mktemp` are clear when the return value is used to create a filesystem entry. The documentation and docstrings (and even some comments on past issues) are correct o deprecate its use for that purpose.
The function has a use which doers not have security implications: generating test data. When a test case wants to generate unpredictable, unique, valid filesystem paths – and *never access those paths* on the filesystem – the `tempfile.mktemp` function is right there and is very useful.
The `tempfile._RandomNameSequence` class would also be useful, but its name also makes clear that it is not part of the library public API.
Please make that functionality available for the purpose of *only* generating filesystem paths as `tempfile._RandomNameSequence` does, in a public, supported, non-deprecated API. |
|
Date |
User |
Action |
Args |
2016-02-15 02:11:11 | bignose | set | recipients:
+ bignose |
2016-02-15 02:11:11 | bignose | set | messageid: <1455502271.6.0.558905453707.issue26362@psf.upfronthosting.co.za> |
2016-02-15 02:11:11 | bignose | link | issue26362 messages |
2016-02-15 02:11:10 | bignose | create | |
|