Re: NSTemporaryDirectory() and security
Re: NSTemporaryDirectory() and security
- Subject: Re: NSTemporaryDirectory() and security
- From: Chris Parker <email@hidden>
- Date: Tue, 1 May 2007 12:59:48 -0700
On May 1, 2007, at 11:50 AM, Rosyna wrote:
You can use FSFindFolder() to get the temp directory for the user's
specific domain.
On Tiger, NSTemporaryDirectory() calls FSFindFolder() and returns a
path appropriate for use by applications wishing to store temporary
files for the calling user.
The directory has appropriate permissions which prevent anyone other
than the user from futzing around in the directory, which addresses
the race issue most security people have with just writing files in
world-writeable locations.
As Rosyna notes below, don't sequester this path off someplace and
keep using it - the path may change from release to release.
.chris
Note the folder returned by this has changed drastically between Mac
OS X releases, so never, ever store paths.
Ack, at 5/1/07, Jaime Magiera said:
However, there is a security issue, in the eyes of some, that
writing to /tmp is bad. So, they have it cordoned off on their
systems. Another issue would be if a user was rendering content
that they didn't want other users (such as those logged via SSH) to
see.
--
Sincerely,
Rosyna Keller
Technical Support/Carbon troll/Always needs a hug
Unsanity: Unsane Tools for Insanely Great People
It's either this, or imagining Phil Schiller in a thong.
_______________________________________________
Cocoa-dev mailing list (email@hidden)
Do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
_______________________________________________
Cocoa-dev mailing list (email@hidden)
Do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden