in reply to File::Temp::tempfile : name versus handle

The problem happens if you write to a directory to which others have write access. They could swap your file for one of their own, even if they don't have access to your file. This can be a real problem for setuid scripts.

Solutions would be system-specific. On a linux system, for example, you could dup the temp file onto fd 3, make sure it's not close-on-exec, and pass /proc/self/fd/3 for the file name.

Replies are listed 'Best First'.
Re^2: File::Temp::tempfile : name versus handle
by mldvx4 (Hermit) on Mar 22, 2018 at 19:09 UTC

    Thanks, that's a good point about the directory permissions. I already have the temporary files in a unique directory to keep them isolated. I did it more of reflex than conscious decision to its nice to have the reminder.

[reply]

In Section Seekers of Perl Wisdom