[Pipet Devel] temp files

Brad Chapman chapmanb at arches.uga.edu
Thu Mar 2 15:27:25 EST 2000


Jeff wrote:
> Brad,
> 
> I thought you might find this helpful:
> 
> ----------------------
> Temporary (tmp) files
> 
> Most programs need to create temporary files, and this can be done perfectly
> safely if a little care and attention is taken. The first thing a program
> should do is honor the "TMP_DIR" environment variable. This allows users to
> create a ~/tmp_dir directory (or similar) which can be much more protected
> than the world accessible /tmp directory.

Okay, so we should stick our temp directory in a 
protected/non-accessible location. I think this should be defined in 
the config file.

> Also if you must create temp files give
> them truly random names. Using the process PID or time of day, or other
> variables which should not "collide" will not prevent malicious users from
> creating many tempfiles in the hopes your program will open one and overwrite
> it.

Okay, this is something I'm definitely not doing. The temp files 
describing a front end are very structured (purposely, to make it 
easier to read and debug and to make the representation of the 
workspace make sense). I don't think it would be that hard to start 
making them random names, we could just define a dictionary that maps 
random numbers to actual names:

save_file['234A58B67'] = 'workspace1/workspace2/viewer3.xml'

or something like this. But I don't really understand the security 
argument here. Why should it matter to have random versus ordered 
names? 

> Also make sure that the file doesn't exist before creating it,

Right now the way it creates directories and files, files will never 
be written over the top of each other.

Do you think this article implies I should change things about the 
current storage to make it safer, or am I doing things right? I'm not 
positive about the random file stuff.

Brad
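
The three points from the quoted article (honor TMP_DIR, use random names, make sure the file does not exist before creating it), as an added Python example that is not part of the original thread or the project's code. The names private_tmp_dir, exclusive_create and SaveFiles are hypothetical; the mapping from structured workspace names to random file names follows the dictionary idea in the message above.

```python
import os
import secrets
import tempfile


def private_tmp_dir():
    """Make a fresh directory under $TMP_DIR, the variable the quoted
    article names, falling back to the platform default if it is unset."""
    base = os.environ.get("TMP_DIR") or tempfile.gettempdir()
    # mkdtemp picks a random name and creates the directory with mode 0700.
    return tempfile.mkdtemp(prefix="frontend-", dir=base)


def exclusive_create(path, data):
    """Check-and-create as one atomic step. O_EXCL makes open() fail with
    FileExistsError if anything, a symlink included, already has this name,
    so a file planted in advance is never opened or overwritten."""
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "wb") as handle:
        handle.write(data)


class SaveFiles:
    """Keeps the structured workspace names in memory and maps each one to
    an unpredictable file name on disk (hypothetical helper)."""

    def __init__(self, root):
        self.root = root
        self.names = {}  # structured name -> random on-disk name

    def create(self, logical_name, data):
        for _ in range(10):  # a collision on 128 random bits is not expected
            name = secrets.token_hex(16) + ".xml"
            try:
                exclusive_create(os.path.join(self.root, name), data)
            except FileExistsError:
                continue  # name taken: pick another, never reuse the file
            self.names[logical_name] = name
            return os.path.join(self.root, name)
        raise RuntimeError("could not create a unique temp file")


if __name__ == "__main__":
    store = SaveFiles(private_tmp_dir())
    print(store.create("workspace1/workspace2/viewer3.xml", b"<viewer/>"))
    print(store.names)
```

A separate "does it exist?" test followed by a normal open leaves a window between the two calls; the single O_EXCL open closes it, and the random name means the file to plant cannot be guessed in the first place.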