System.IO.openTempFile secure?
Glynn Clements
glynn at gclements.plus.com
Tue May 10 04:44:17 EDT 2005
Krasimir Angelov wrote:
> > Is the function System.IO.openTempFile secure in the sense that it
> > picks the filename, tests for its existence, and creates it
> > atomically? Either way, it's important that it's documented in
> > Haddock, IMO.
>
> Yes. It should be safe. The function generates a new file name and
> then tries to create file with such name. If it succeded then the file
> path and handle are returned. If the OS respond with EEXIST then the
> function tries to generate new name.
It's as safe as open(O_CREAT|O_EXCL), i.e. safe on POSIX-conformant
filesystems, unsafe on e.g. NFS.
--
Glynn Clements <glynn at gclements.plus.com>
More information about the Libraries
mailing list