How does one go about safely write a temporary file to a location within an application server that is publicly accessible?
2 Answers
It depends on "safely". If you want to avoid read or write access from other users of the same machine, then you should rely on the access rights provided by the operating system (if the OS is hostile, then you already lost). On Unix-like systems, use the mkstemp()
function, but take care to use an OS where the access rights are set sanely. E.g., with Linux, mkstemp()
does things correctly beginning with glibc-2.07, but previous versions made the file readable and writeable by all users on the machine, which was inconvenient (the problem could be mitigated by doing a fchmod()
immediately afterwards, but this was still vulnerable to a race condition).
![](../../users/profiles/5411.webp)
- 168,808
- 28
- 337
- 475
-
You Tom's always provide such knowledgeable answers... and you both use Bear icons. Coincidence or conspiracy? :) – k1DBLITZ Mar 01 '13 at 20:15
-
Conspiracy implies secrecy, not mere discretion. – Tom Leek Mar 01 '13 at 20:38
My recommendation would be to ensure that this temporary file is written outside of the webroot. This ensures that it cannot be accessed through a simple web browser call.
The rest is up to the OS as Tom points.
![](../../users/profiles/15577.webp)
- 3,933
- 14
- 20