#4198 TIP 210 security

obsolete: 8.6a4
Don Porter

When TIP 210 was discussed in
2006, security issues were raised
for implementations based on
mkstemp(). Since some branches
of the committed implementation
do appear to be based on mkstemp(),
are those issues relevant?


Please review and comment.


  • Donal K. Fellows

    • status: open --> pending-invalid
  • Donal K. Fellows

    The FD returned by mkstemp() is the one that gets formed into a Tcl_Channel. But if you're creating a temporary file to use with an external API that requires a filename (they exist, alas) then you have to be able to get the filename as well. This is why the result of [file tempfile] is a channel name and you're allowed to give a variable name to get the filename if you want.

    Of slightly more concern is the fact that we may use the filename internally before returning to the script level (to unlink the file so it will get cleaned up on close) but I'm not sure what to do about that. Improvements welcome.

  • SourceForge Robot

    This Tracker item was closed automatically by the system. It was
    previously set to a Pending status, and the original submitter
    did not respond within 14 days (the time period specified by
    the administrator of this Tracker).

  • SourceForge Robot

    • status: pending-invalid --> closed-invalid

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:

JavaScript is required for this form.

No, thanks