apr-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dirk-Willem van Gulik <di...@webweaving.org>
Subject Re: APR_TMP_DIRECTORY
Date Fri, 06 Dec 2002 08:57:29 GMT


On 6 Dec 2002 cmpilato@collab.net wrote:

> Dirk-Willem van Gulik <dirkx@webweaving.org> writes:
>
> > On Thu, 5 Dec 2002, Aaron Bannert wrote:
> >
> > > I don't like the idea of having environment variables drive things like
> > > this. Temp directories are a great way to get programs to write files
> > > wherever you want. I'd much rather have a function where the global
> > > tempdir can be set and then retrieved later by apr_get_temp_dir(). The
> > > nice thing about this is it doesn't incur any processing overhead when
> > > apr_get_temp_dir() is called, and can let apps like httpd create their
> > > own config directive for setting the preferred tempdir.
> >
> > Over the years the same discussion has been had in various unix forums -
> > and I have a strong feeling that the consensus reached there (or at least
> > the working assumption) that the ability to get a 'free to use' directory
> > reference was BAD - and that you are better off asking for a temp file
> > name; as to avoid clashes and all sorts of other mayem.
>
> What's the hangup here?  Every Unix I've ever seen, and every Windows
> version I've ever seen, has a notion of a temporary directory.

Sure - but where it is depends on the unix, wether you are using a
secure/trusted unix, who you are logged in at, the NFS mounting situation
du jour. Figuring it out -and- respecting the admin wishes is non trivial.

Often the only reason you want a tmp directory is to create a temp file.

Usually that file should be private to 'you'. So you then need to guess a
unique name and make sure no one else uses it and ensure you do not clash
with others in what is essentially a NON controlled namespace.

So you normally do not try to outgess the system; but rely on libc to give
you a tempname with some good warranties and clear contract.

What I am challenging is that apr_ actually needs a way of getting a temp
DIR; I am advocating that in 99% of the cases being able to get a temp
NAME is good enough. (and tmpfile() is inherently safer of course).

And that libc is inherently better at getting it right.

Dw


Mime
View raw message