Comments (4)
Hey, good question, thanks for asking,
I created this quickly because I needed something easy to create, and then clean up temporary files and directories, and wanted to use Rust's lifetimes to manage the lifetime of the fs entity.
This isn't quite like libc's mktemp - so maybe the name is misleading. This simply creates a file, or directory, and then you'll have an available AsRef<Path>, which can be cleaned up from the filesystem when the bound variable's lifetime is complete.
The file is opened upon creation by the library, and upon opening, is truncated if it already exists (std::fs::File::create). Directories are also created. This definitely isn't perfect, and still suffers from a couple of potential things, plus there are a couple things I need to check with regard to the rand::Rng used to generate filenames (pretty certain we're good there using a cryptographically OK source of entropy, but I should check and confirm) - which I shall do tomorrow. But this is definitely better than mktemp(3) in terms of security - but definitely not perfect.
Of course, you/we can still use libc directly https://doc.rust-lang.org/libc/x86_64-unknown-linux-gnu/libc/index.html?search=mktemp, but I'd prefer a pure Rust implementation with as little unsafe code as possible. (While writing this I thought I might use Rust's "feature feature" to provide two implementations - one wrapping libc, if you want it, and one wrapping a pure Rust impl).
Templating is a nice idea - will also add it to the agenda.
from rs-mktemp.
Whether you allow file-names to be specified via a template is really up to you.
As the CWE I linked points out, there is good reason for creating exclusively (failing if the file already exists). If the process is unprivileged this is less important, but best to get it right once than expect all users to check whether this is something that might concern them, in my opinion.
So I recommend:
- change create_file() to use OpenOptions::new().write(true).create_new(true).open(self)
- possibly make create_file() try again a number of times if file creation fails due to name conflict — may be a convenient way to partially avoid a denial-of-service attack, but not sure how useful otherwise
- possibly don't create directories recursively (not really sure if this is exploitable), however it would make sense to fail if the directory already exists
I don't personally see an issue linking to libc functions since libc is linked anyway and very well tested, but if you prefer not to it's not a big deal.
from rs-mktemp.
I'd also recommend to set the proper permissions, the files are currently readable by anyone.
Something like this should do the trick: OpenOptions::new().mode(0o700).write(true).create_new(true).open(self)
from rs-mktemp.
Bear in mind: OpenOptions.mode and mkstemp are not available on Windows.
Also exec should not be set on something other than very deliberately—a mode of 600 is preferable to 700.
from rs-mktemp.
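The recommendations in the comments above (exclusive creation, retry on a name conflict, mode 600) combined in one sketch. This is an added example, not code from rs-mktemp; it is Unix only, uses only the standard library, and `random_name`, `open_new` and `create_exclusive` are hypothetical names.

```rust
use std::fs::{self, File, OpenOptions};
use std::io::{self, Read};
use std::os::unix::fs::{OpenOptionsExt, PermissionsExt};
use std::path::{Path, PathBuf};

/// Hypothetical helper: 16 bytes from the OS entropy source, hex-encoded.
fn random_name() -> io::Result<String> {
    let mut buf = [0u8; 16];
    File::open("/dev/urandom")?.read_exact(&mut buf)?;
    Ok(buf.iter().map(|b| format!("{:02x}", b)).collect())
}

/// Exclusive create (O_CREAT | O_EXCL) with mode 0600. Fails with
/// AlreadyExists if a file, directory or symlink is already at `path`,
/// instead of truncating it the way File::create would.
fn open_new(path: &Path) -> io::Result<File> {
    OpenOptions::new().write(true).create_new(true).mode(0o600).open(path)
}

/// Try up to `attempts` fresh random names in `dir`; only a name
/// conflict triggers a retry, every other error is returned as-is.
fn create_exclusive(dir: &Path, attempts: u32) -> io::Result<(PathBuf, File)> {
    for _ in 0..attempts {
        let path = dir.join(format!("tmp-{}", random_name()?));
        match open_new(&path) {
            Ok(file) => return Ok((path, file)),
            Err(e) if e.kind() == io::ErrorKind::AlreadyExists => continue,
            Err(e) => return Err(e),
        }
    }
    Err(io::Error::new(io::ErrorKind::AlreadyExists, "no free temporary name"))
}

fn main() -> io::Result<()> {
    let (path, _file) = create_exclusive(&std::env::temp_dir(), 8)?;
    let mode = fs::metadata(&path)?.permissions().mode() & 0o777;
    println!("{} mode {:o}", path.display(), mode);
    // A second exclusive open of the same path must fail, not truncate.
    assert_eq!(open_new(&path).unwrap_err().kind(), io::ErrorKind::AlreadyExists);
    fs::remove_file(&path)
}
```

The mode passed to `mode()` is still filtered by the process umask, so the resulting permissions can be stricter than 0600 but never looser.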