Re: NSTemporaryDirectory() and security

FROM : stephen joseph butler
DATE : Tue May 01 20:26:14 2007

On 5/1/07, stephen joseph butler <stephen.<email_removed>> wrote:
> On 5/1/07, Jaime Magiera <<email_removed>> wrote:
> > However, there is a security issue, in the eyes of some, that writing
> > to /tmp is bad. So, they have it cordoned off on their systems.
> > Another issue would be if a user was rendering content that they
> > didn't want other users (such as those logged via SSH) to see.
> >
> > What are the options/suggestions for tmp file writing that is secure
> > but also follows Apple's guidelines? What are other folks doing?
>
> As far as I know, mkstemp() is what you're supposed to use (man 3
> mkstemp). You can take the returned FD and wrap it in an NSFileHandle
> for convenience.


Actually, here's a quick category that should work (untested):

#include <unistd.h>
#import <Foundation/Foundation.h>

@interface NSFileHandle (NSFileHandleSecureTemp)

+ (NSFileHandle*) fileHandleWithTemporaryFile:(NSString*)template;

@end

@implementation NSFileHandle (NSFileHandleSecureTemp)

+ (NSFileHandle*) fileHandleWithTemporaryFile:(NSString*)template
{
  char * cTemplate = NULL;
  int fd = -1;
  NSFileHandle *rv = nil;

  NSParameterAssert( template != nil );

  cTemplate = strdup( [template fileSystemRepresentation] );
  fd = mkstemp( cTemplate );
  free( cTemplate ); cTemplate = NULL;

  if (fd != -1)
    rv = [[[NSFileHandle alloc] initWithFileDescriptor:fd
closeOnDealloc:YES] autorelease];

  return rv;
}