X-Git-Url: http://git.vanrenterghem.biz/git.ikiwiki.info.git/blobdiff_plain/86d27a169c5ab6952b98487c406926b82b8185bc..4a331d8afc75f9c9fbfb1ef8d592fa1bfb4e2874:/doc/todo/unified_temporary_file__47__directory_handling.mdwn diff --git a/doc/todo/unified_temporary_file__47__directory_handling.mdwn b/doc/todo/unified_temporary_file__47__directory_handling.mdwn index 0ee780d1a..ca63fbeea 100644 --- a/doc/todo/unified_temporary_file__47__directory_handling.mdwn +++ b/doc/todo/unified_temporary_file__47__directory_handling.mdwn @@ -2,4 +2,18 @@ Many plugins seem to create temporary files. Although it is not much code, it is typical place for security bugs. Would it be worthwhile to have library functions for creating temporary files and directories? If nothing else, it would serve as documentation of the "official way". -Off to cut and paste :-) +Off to cut and paste :-) --[[DavidBremner]] + +> Hmm, I see only three users of temp files in all ikiwiki: +> * hnb uses `File::Temp::mkstemp` to create two temp file handles. +> * teximg uses `File::Temp::tempdir` to create a temporary directory. +> * attachment retrieves a temp file from `CGI::tmpFileName`. +> These are three quite different uses of temp files, not subject to +> unification. Using `File::Temp` (and avoiding the posibly insecure +> `mktemp`, `tmpname`, and `tempnam` functions) is probably as unified as +> can be managed. --[[Joey]] + +>> OK, fair enough. Somehow the code in teximg made me think it was +>> all a bit complicated. But after I played with it a bit more (and used File::Temp) +>> I tend to agree, there is no real problem there to fix. +>> Feel free to mark [[done]] [[DavidBremner]]