Message389407
> You can use TemporaryDirectory.
That was actually the first approach I tried :) I even thought this could be used to make `mktemp` safe -- just create the name in a `TemporaryDirectory`.
However, after reading through the mailing list thread, I realized this just restricts the potential collision/hijacking to misbehaving/malicious processes running under the same user or under the super user. But the core problem with too easily guessable filenames (= not random enough, or not at all, as in your example) remains. Correct me if I'm wrong though.
Sorry, I should probably have mentioned this in OP. I thought about doing so, but then it turned out very long even without it, so I decided it would be better to discuss it only if someone else mentions it. |
|
Date |
User |
Action |
Args |
2021-03-23 19:35:25 | dlukes | set | recipients:
+ dlukes, serhiy.storchaka |
2021-03-23 19:35:25 | dlukes | set | messageid: <1616528125.0.0.601103424918.issue43604@roundup.psfhosted.org> |
2021-03-23 19:35:24 | dlukes | link | issue43604 messages |
2021-03-23 19:35:24 | dlukes | create | |
|