[Interest] Strange undeletable QTemporaryFile. Is it a bug?
Guido Seifert
wargand at gmx.de
Sat Aug 24 09:49:03 CEST 2013
> Now, here's another problem: on Unix, referring to the temporary file by
> anything besides its file descriptor means you're not in control. If the file is
> on a world-writable non-sticky directory, it's also a security risk: an
> attacker could delete the temporary file and replace it with a symlink to a file
> you own.
This is of course a striking argument. Security beats everything. And of course I don't want any changes, which breaks x code bases now. However, just for the argument, what I would have done:
1. isOpen, open, close made protected. Those methods just don't do what you expect. Making them protected is a good way to draw attention to the fact, that there might be some reading necessary. isOpen might even be private. I don't see how this method could be useful at all.
2. added a function 'reset', which does what close is doing now. You said yourself: close does not close anything. Calling this function close then just feels wrong to me.
Guido
More information about the Interest
mailing list