TemproraryFileWrapper wrapper anymore, and should be immune from the
problem that a temp file inherited by a spawned process caused an
attempt to close the temp file in the spawning process to blow
up (the unlink in TemporaryFileWrapper.close() blew up with a
"Permission denied" error because, despite that the temp file got
closed in the spawning process, the spawned process still had it open
by virtue of C-level file descriptor inheritance). In context,
that bug took days to figure out <wink/sigh>.
This is an ancient race when multiple threads call gettempdir() (or
anything relying on it) for the first time.
Fixed x-platform via the Big Hammer of rearranging the code to serialize
the first calls. Subsequent calls are as fast as before.
Note that the Python test suite can't provoke this bug: it requires
setting up multiple threads making the very first calls into tempfile,
but the test suite uses tempfile several times before getting to
test_threadedtempfile.
Bugfix candidate.
pid across threads (but in that case, it's still the same process, and so
still sharing the "template" cache in tempfile.py). Repaired that, and
added a new std test.
On Linux, someone please run that standalone with more files and/or more
threads; e.g.,
python lib/test/test_threadedtempfile.py -f 1000 -t 10
to run with 10 threads each creating (and deleting) 1000 temp files.
Tested on Windows. Should be tested on Linux. Should also be
tested on some platform without threads (I simulated that by
making the "import thread" fail, but that's not the same as
actually doing it!).
This uses the same precautions when trying to find a temporary
directory as when the actual tempfile is created (using O_CREAT and
O_EXCL). On non-posix platforms, nothing is changed.
The attached patches update the standard library so that all modules
have docstrings beginning with one-line summaries.
A new docstring was added to formatter. The docstring for os.py
was updated to mention nt, os2, ce in addition to posix, dos, mac.
filenames generated are easily predictable, it is possible to trick an
unsuspecting program into overwriting another file by creating a
symbolic link with the predicted name. Fix this by using the
low-level os.open() function with the O_EXCL flag and mode 0700. On
non-Unix platforms, presumably there are no symbolic links so the
problem doesn't exist. The explicit test for Unix (posix, actually)
makes it possible to change the non-Unix logic to work without a
try-except clause.
The mktemp() file is as unsafe as ever.
Raymond Hettinger
Neil Schemenauer
Tim Peters
Guido van Rossum
Skip Montanaro
Jeremy Hylton