Re: How secure are temp files created via tempfile.TemporaryFile()?

Discussion in 'Python' started by python@bdurham.com, Feb 18, 2010.

  1. Guest

    MRAB,

    > Well, the contents of temp files aren't encrypted, if that's what you're asking


    I understand the contents of temp files aren't encrypted.

    > if you're writing unencrypted data to a temp file then other applications could read it.


    That's my concern - can other applications really read my temp files
    created with tempfile.TemporaryFile( delete=True )?

    I don't think so because:

    1. These files appear to be exclusively locked by my process, e.g. no
    other processes can read or write to these temp files except the process
    that created these files.

    2. As soon as my process terminates (voluntarily or involuntarily), the
    temp file gets deleted.

    But I want to make sure.

    Thanks,
    Mal
     
    , Feb 18, 2010
    #1

  2. On Thu, 18 Feb 2010 15:09:28 -0500, python wrote:

    > That's my concern - can other applications really read my temp files
    > created with tempfile.TemporaryFile( delete=True )?



    >>> import tempfile
    >>> x = tempfile.TemporaryFile(delete=True)
    Traceback (most recent call last):
      File "<stdin>", line 1, in <module>
    TypeError: TemporaryFile() got an unexpected keyword argument 'delete'


    The Fine Manual has good information about the security of the various
    calls:

    http://docs.python.org/library/tempfile.html

    tempfile.TemporaryFile(...)
    Return a file-like object that can be used as a temporary
    storage area. ... your code should not rely on a temporary file
    created using this function having or not having a visible name
    in the file system. ...

    tempfile.NamedTemporaryFile(...)
    This function operates exactly as TemporaryFile() does, except
    that the file is guaranteed to have a visible name in the file
    system ... Whether the name can be used to open the file a
    second time, while the named temporary file is still open, varies
    across platforms...


    > I don't think so because:
    >
    > 1. These files appear to be exclusively locked by my process, e.g. no
    > other processes can read or write to these temp files except the process
    > that created these files.


    Exclusive locks are advisory, not mandatory, on some operating systems,
    so you can't rely on it. Recent versions of Windows have an interface to
    allow "backup software" to read files opened in exclusive mode, and I
    believe that the kernel can read *and write* to open files (although I
    welcome correction).

    http://en.wikipedia.org/wiki/File_locking

    And naturally, if your system is compromised with a root kit, then you
    can't trust *anything*, including file locks. But nobody expects an
    application to take responsibility for working securely in the face of a
    root kit :)


    > 2. As soon as my process terminates (voluntarily or involuntarily), the
    > temp file gets deleted.
    >
    > But I want to make sure.



    I think the best practice is platform-dependent:


    import os
    import tempfile

    args = ()  # positional arguments (mode, bufsize, ...) from the caller

    if os.name == "posix":  # Unix, Linux, OpenBSD, FreeBSD, ...
        tmpfile = tempfile.TemporaryFile
        delete = None
    elif os.name in ["nt", "ce"]:  # Windows NT, XP, 2000, CE, ...
        tmpfile = tempfile.NamedTemporaryFile
        delete = True
    else:
        # FIXME What to do for Mac, OS/2, RiscOS, Java?
        tmpfile = tempfile.TemporaryFile
        delete = None
    # Pass delete= only where it was selected above.
    if delete is not None:
        f = tmpfile(*args, delete=delete)
    else:
        f = tmpfile(*args)



    --
    Steven
     
    Steven D'Aprano, Feb 19, 2010
    #2
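The points raised in this reply can be checked directly. The following is an added example, not code from the thread or from any poster; it assumes a POSIX system (it uses `fcntl`), and the function name and result keys are made up for illustration. It reports whether each kind of temp file has a directory entry, whether group/other have any permission bits, and whether an exclusive `flock()` stops a second open from reading the data.

```python
import fcntl
import os
import stat
import tempfile

SAMPLE = b"secret"  # constructed sample data


def inspect_temp_files():
    """Observe what actually protects tempfile objects on POSIX."""
    result = {}

    # TemporaryFile: no directory entry remains, so the link count is 0
    # and there is no path another process could pass to open().
    with tempfile.TemporaryFile() as anon:
        anon.write(SAMPLE)
        anon.flush()
        st = os.fstat(anon.fileno())
        result["anon_links"] = st.st_nlink
        result["anon_mode"] = stat.S_IMODE(st.st_mode)

    # NamedTemporaryFile: the name stays visible until the file is closed.
    with tempfile.NamedTemporaryFile() as named:
        named.write(SAMPLE)
        named.flush()
        st = os.fstat(named.fileno())
        result["named_links"] = st.st_nlink
        result["named_mode"] = stat.S_IMODE(st.st_mode)

        # Take an exclusive lock, then open the same path independently.
        # flock() is advisory: an opener that never asks for the lock is
        # not blocked, so the read below succeeds.
        fcntl.flock(named.fileno(), fcntl.LOCK_EX)
        with open(named.name, "rb") as other:
            result["read_despite_lock"] = other.read()
        path = named.name

    # delete=True (the default) removes the name on close.
    result["path_after_close"] = os.path.exists(path)
    return result


if __name__ == "__main__":
    for key, value in inspect_temp_files().items():
        print(key, value)
```

In this example the only barrier against other users is the owner-only file mode; it does not restrict processes running as the same user or as root, and the lock adds nothing against a reader that ignores it.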

  3. Guest

    Steven,

    Thank you very much for your wonderful reply!!

    I had read the Fine Manual, but as you pointed out the documentation
    only mentions visibility of file names.

    > Exclusive locks are advisory, not mandatory, on some operating systems, so you can't rely on it.


    That comment and your list of OS-specific behaviors were EXACTLY the
    type of information I was looking for.

    Thanks again!
    Malcolm
     
    , Feb 19, 2010
    #3
