Mailing-List:	contact cygwin-help AT sourceware DOT cygnus DOT com; run by ezmlm
List-Subscribe:	<mailto:cygwin-subscribe AT sources DOT redhat DOT com>
List-Archive:	<http://sources.redhat.com/ml/cygwin/>
List-Post:	<mailto:cygwin AT sources DOT redhat DOT com>
List-Help:	<mailto:cygwin-help AT sources DOT redhat DOT com>, <http://sources.redhat.com/ml/#faqs>
Sender:	cygwin-owner AT sources DOT redhat DOT com
Delivered-To:	mailing list cygwin AT sources DOT redhat DOT com
Date:	Wed, 24 Jan 2001 20:04:24 +0200
Message-Id:	<200101241804.UAA08138@linux.>
From:	"Ehud Karni" <ehud AT unix DOT simonwiesel DOT co DOT il>
To:	lhall AT rfk DOT com
Subject:	Re: unique filename
CC:	klaus DOT berndl AT sdm DOT de, cygwin AT sourceware DOT cygnus DOT com
In-reply-to:	<4.3.1.2.20010124105227.022430b8@pop.ma.ultranet.com>
	(lhall AT rfk DOT com)
Organization:	Simon & Wiesel Insurance agency
Reply-to:	ehud AT unix DOT simonwiesel DOT co DOT il
References:	<4 DOT 3 DOT 1 DOT 2 DOT 20010124105227 DOT 022430b8 AT pop DOT ma DOT ultranet DOT com>
X-Mailer:	Emacs 20.7.1 rmail (send-msg 1.104)
MIME-Version:	1.0

On Wed, 24 Jan 2001 10:57:12 -0500, Larry Hall (RFK Partners, Inc) <lhall AT rfk DOT com> wrote:
> 
> At 10:18 AM 1/24/2001, klaus DOT berndl AT sdm DOT de wrote:
> >What is the normal way with Unix-systems to create a unique 
> >filename?
> 
> Programmatically or from the shell prompt?  mktemp, which was just
> announced on this list, from Chuck Wilson's "misc" package should
> do this for you at the shell prompt.  mktemp() does this
> programmatically.  BTW, this isn't really a Cygwin question so you
> might want to follow-up on some mail list discussing C library calls
> if you have further issues.
 
Although this is off-topic I want to add some points:
    1. If you need some files (more than 1) it is better to use mktemp
       once and create a unique directory and save all your files there.
    2. The unique part has no meaning, so if you want to create files
       that are saved (or examined in case of error) make the fixed
       part meaningful - name of program/script+date/time+any other
       significant information (such as hostname, ip or user name).
       DO NOT rely on the system for user/date information, once you
       edit the file it will have your name and update time.
    3. There may be problems if many hosts write to the same FS, my
       solution is actually creating the file with exclusive bit on,
       i.e. open ( <name>, O_RDWR | O_CREAT | O_EXCL, <mask> ) ;                 
       if it fails get another unique name and try again (this is done
       automaticly by `mkstemp ()' but you can specify the mask).
    4. If you are not worried about security or DOS, you can use the
       hostname-time-PID combination quite safely.
    5. You can use a server to create unique names (I have such a server
       that works across the net and supplies each request with a
       unique 5 characters tag).

  Finally here is a quotation from Linux mktemp:
     Traditionally, many shell scripts take the name of the program with
     the PID as a suffix and use that as a temporary file name.  This
     kind of naming scheme is predictable and the race condition it
     creates is easy for an attacker to win.  A safer, though still
     inferior approach is to make a temporary directory using the same
     naming scheme.  While this does allow one to guarantee that a
     temporary file will not be subverted, it still allows a simple
     denial of service attack.

Ehud.


-- 
 @@@@@@ @@@ @@@@@@ @    @   Ehud Karni  Simon & Wiesel  Insurance agency
     @    @      @  @@  @   Tel: +972-3-6212-757    Fax: +972-3-6292-544
     @    @ @    @ @  @@    (USA)  Fax  and  voice  mail:  1-815-5509341
     @    @ @    @ @    @        Better     Safe     Than     Sorry
 http://www.simonwiesel.co.il    mailto:ehud AT unix DOT simonwiesel DOT co DOT il

--
Want to unsubscribe from this list?
Check out: http://cygwin.com/ml/#unsubscribe-simple

- Raw text -