[Python-Dev] Warn about mktemp once again? (original) (raw)
Tristan Seligmann mithrandi-python-dev at mithrandi.za.net
Tue May 6 13:19:15 CEST 2008
- Previous message: [Python-Dev] Warn about mktemp once again?
- Next message: [Python-Dev] Warn about mktemp once again?
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
- Antoine Pitrou <solipsis at pitrou.net> [2008-05-06 10:47:23 +0000]:
<skip pobox.com> writes: > > Back in r29829, Guido commented out the security hole warning for > tempfile.mktemp: > [...] > > Comment out the warnings about mktemp(). These are too annoying, and > often unavoidable. > > Any thought about whether this warning should be restored? We're 5+ years > later. Hopefully many uses of mktemp have been removed. If we're not going > to restore the warning perhaps the commented code should just be deleted.
Sorry to revive this thread, but mktemp() is very useful when the file is meant to be created by another application (e.g. launched by subprocess, but it could even be a daemon running under a different user). For example if I have a processing chain to converts a PDF to a temporary JPEG using an external tool and then does other things with the JPEG: I don't want Python to actually create the file, just to generate an unique filename.
The correct way to do this is to create a temporary directory, and then generate a filename underneath that directory to use.
mithrandi, i Ainil en-Balandor, a faer Ambar -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 197 bytes Desc: Digital signature URL: <http://mail.python.org/pipermail/python-dev/attachments/20080506/68915214/attachment.pgp>
- Previous message: [Python-Dev] Warn about mktemp once again?
- Next message: [Python-Dev] Warn about mktemp once again?
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]