[Python-Dev] Remove tempfile.mktemp() (original) (raw)

Anders Munch ajm at flonidan.dk
Wed Mar 20 08:30:50 EDT 2019

• Previous message (by thread): [Python-Dev] Remove tempfile.mktemp()
• Next message (by thread): [Python-Dev] Remove tempfile.mktemp()
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Victor Stinner:

To be clear: mktemp() is vulnerable by design

No: mktemp() is vulnerable by implementation. Specifically, returning a file name in a world-accessible location, /tmp.

regards, Anders

• Previous message (by thread): [Python-Dev] Remove tempfile.mktemp()
• Next message (by thread): [Python-Dev] Remove tempfile.mktemp()
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Python-Dev mailing list