This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author dlukes
Recipients dlukes, serhiy.storchaka
Date 2021-03-23.19:35:24
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1616528125.0.0.601103424918.issue43604@roundup.psfhosted.org>
In-reply-to
Content 
> You can use TemporaryDirectory.

That was actually the first approach I tried :) I even thought this could be used to make `mktemp` safe -- just create the name in a `TemporaryDirectory`.

However, after reading through the mailing list thread, I realized this just restricts the potential collision/hijacking to misbehaving/malicious processes running under the same user or under the super user. But the core problem with too easily guessable filenames (= not random enough, or not at all, as in your example) remains. Correct me if I'm wrong though.

Sorry, I should probably have mentioned this in OP. I thought about doing so, but then it turned out very long even without it, so I decided it would be better to discuss it only if someone else mentions it.
History
Date User Action Args
2021-03-23 19:35:25dlukessetrecipients: + dlukes, serhiy.storchaka
2021-03-23 19:35:25dlukessetmessageid: <1616528125.0.0.601103424918.issue43604@roundup.psfhosted.org>
2021-03-23 19:35:24dlukeslinkissue43604 messages
2021-03-23 19:35:24dlukescreate