Re: NSTemporaryDirectory() and security

FROM : Shawn Erickson
DATE : Tue May 01 20:33:30 2007

On 5/1/07, Jaime Magiera <<email_removed>> wrote:
> Good afterevenmorning,
>
> In all of my cocoa document-based applications, I've used
> NSTemporaryDirectory() as storage for render files, etc. This seems
> to be the suggested method...
>
> http://developer.apple.com/documentation/MacOSX/Conceptual/
> BPFileSystem/Articles/WhereToPutFiles.html#//apple_ref/doc/uid/
> TP40001411-109669
>
> However, there is a security issue, in the eyes of some, that writing
> to /tmp is bad. So, they have it cordoned off on their systems.
> Another issue would be if a user was rendering content that they
> didn't want other users (such as those logged via SSH) to see.
>
> What are the options/suggestions for tmp file writing that is secure
> but also follows Apple's guidelines? What are other folks doing?


You should create an user and application specific directory under the
"tmp" directory returned by the recommend APIs. The name of that
directory should look something like the following
"com.myapplication.bundleid.<user id>" with the possibility of using
mkstemp to generate a non-colliding directory name (aka
"com.myapplication.bundleid.<user id>.NNNN"). The directory should at
least disallow write to "others" and "wheel" and allow the user you
created it for to read, write and search.

drwxr-xr-x  2 serickso  wheel  68B May  1 10:52 3056/

-Shawn