[Patches] Patch to make tempfile return random filenames

[Guido van Rossum]

> From: "Andrew M. Kuchling" <akuchlin@mems-exchange.org>
> 
> Guido van Rossum writes:
> >I have always assumed this is only really an issue with set-uid
> >programs.  If I write a simple script, why would it be vulnerable?
> >(There's still the PID in the name too.)
> 
> It matters if the script is run by the root user, not necessarily if
> it's setuid.  I think one possible malicious attack is creating a
> symlink to a file such as /etc/passwd; when the script runs, it opens
> a temp. file, and overwrites /etc/passwd with junk.  Periodically you
> see advisories from places like Red Hat, fixing these tempfile
> problems an admin script that root runs
> 
> I think it's worth fixing, but I'm not clear on what the safe way to
> create a temp. file *is*.  Has anyone written a clear guide to the
> safe way to open tempfiles?

Yes, use the tempfile.TemporaryFile class.  It uses O_EXCL which
avoids the issue.

--Guido van Rossum (home page: http://www.python.org/~guido/)