Creating a temporary file: do I really need to use mkstmp?

[hazel]

From my reading, it seems that most of glibc's temporary file creation functions are now deprecated except mkstmp and tmpfile, which both open the file immediately. You are obviously expected to keep it open thereafter.

I want a temporary file which can be opened and closed repeatedly. For example, I want to be able to empty it by closing it and reopening it in write mode. If I do this with a file created by mkstemp, it's no different in principle to using mktemp or tempnam.

I can see the need for extra care if a program runs as root, but this one wouldn't, and the temporary files would be created in the user's home directory which isn't writable by anyone else. I could set the mode to 600; wouldn't this be good enough?

[Lakshmipathi]

Though,I'm not sure whether following going to help you or not.
One of my requirement for my tool is to create unique names that can be used later.
For example,I'll get the unique file using mkstemp and get its name after that close the fd and delete it. Now we have filename alone not file itself. Use this file name for creating a new file at a different location.

char fname[] = "extcarveXXXXXX";
char tmp_dname[100];
int temfd;

/* The trick to get a unique name using mkstemp and unlink the temp.file and then use it. */
temfd = mkstemp (fname);
close (temfd);
unlink (fname);
strcpy (tmp_dname, restore_device_dir);

strcat (tmp_dname, "/");
strcat (tmp_dname, fname);
strcat (tmp_dname, needle->dotpart);

temfd = creat (tmp_dname, 0700);
if (temfd < 0)
{
printf
("Please check permission for destination directory %s.Something wrong",
restore_device_dir);
exit (0);
}
//proceed writing

[hazel]

Yes, that's quite similar to what I'm doing except that I don't need to move the file around so I can just open and close it rather than deleting and recreating it.

The point made in some of the literature is that if you don't have the temporary file open continuously, someone else can delete it and replace it by a link to an important system file (for example the /etc/passwd file); then when you write to what you think is your file, you actually clobber your system. But that seems to me not to be a problem unless you're running with root permissions and creating your files in a world-writeable directory such as /tmp.

Why do programmers have to be so paranoid?

[sgosnell]

Why do programmers have to be so paranoid?

Because users are so creative. Probably 98% of the work on any program is protecting it against the efforts of potential users to break it. The user interface is always the hardest part, and trapping every possible error the users can introduce takes much time and creativity. Write a few programs, and you will inevitably become very paranoid.

[elija]

Because users are so creative. Probably 98% of the work on any program is protecting it against the efforts of potential users to break it. The user interface is always the hardest part, and trapping every possible error the users can introduce takes much time and creativity. Write a few programs, and you will inevitably become very paranoid.

And that's only the ones who aren't trying to break your software